Docs
PackagesWe recommend using Azure Native.
Azure Classic v5.72.0 published on Monday, Apr 15, 2024 by Pulumi
azure.network.ApplicationGateway
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
name: "example-network",
resourceGroupName: example.name,
location: example.location,
addressSpaces: ["10.254.0.0/16"],
});
const exampleSubnet = new azure.network.Subnet("example", {
name: "example",
resourceGroupName: example.name,
virtualNetworkName: exampleVirtualNetwork.name,
addressPrefixes: ["10.254.0.0/24"],
});
const examplePublicIp = new azure.network.PublicIp("example", {
name: "example-pip",
resourceGroupName: example.name,
location: example.location,
allocationMethod: "Dynamic",
});
const backendAddressPoolName = pulumi.interpolate`${exampleVirtualNetwork.name}-beap`;
const frontendPortName = pulumi.interpolate`${exampleVirtualNetwork.name}-feport`;
const frontendIpConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-feip`;
const httpSettingName = pulumi.interpolate`${exampleVirtualNetwork.name}-be-htst`;
const listenerName = pulumi.interpolate`${exampleVirtualNetwork.name}-httplstn`;
const requestRoutingRuleName = pulumi.interpolate`${exampleVirtualNetwork.name}-rqrt`;
const redirectConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-rdrcfg`;
const network = new azure.network.ApplicationGateway("network", {
name: "example-appgateway",
resourceGroupName: example.name,
location: example.location,
sku: {
name: "Standard_v2",
tier: "Standard_v2",
capacity: 2,
},
gatewayIpConfigurations: [{
name: "my-gateway-ip-configuration",
subnetId: exampleSubnet.id,
}],
frontendPorts: [{
name: frontendPortName,
port: 80,
}],
frontendIpConfigurations: [{
name: frontendIpConfigurationName,
publicIpAddressId: examplePublicIp.id,
}],
backendAddressPools: [{
name: backendAddressPoolName,
}],
backendHttpSettings: [{
name: httpSettingName,
cookieBasedAffinity: "Disabled",
path: "/path1/",
port: 80,
protocol: "Http",
requestTimeout: 60,
}],
httpListeners: [{
name: listenerName,
frontendIpConfigurationName: frontendIpConfigurationName,
frontendPortName: frontendPortName,
protocol: "Http",
}],
requestRoutingRules: [{
name: requestRoutingRuleName,
priority: 9,
ruleType: "Basic",
httpListenerName: listenerName,
backendAddressPoolName: backendAddressPoolName,
backendHttpSettingsName: httpSettingName,
}],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_virtual_network = azure.network.VirtualNetwork("example",
name="example-network",
resource_group_name=example.name,
location=example.location,
address_spaces=["10.254.0.0/16"])
example_subnet = azure.network.Subnet("example",
name="example",
resource_group_name=example.name,
virtual_network_name=example_virtual_network.name,
address_prefixes=["10.254.0.0/24"])
example_public_ip = azure.network.PublicIp("example",
name="example-pip",
resource_group_name=example.name,
location=example.location,
allocation_method="Dynamic")
backend_address_pool_name = example_virtual_network.name.apply(lambda name: f"{name}-beap")
frontend_port_name = example_virtual_network.name.apply(lambda name: f"{name}-feport")
frontend_ip_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-feip")
http_setting_name = example_virtual_network.name.apply(lambda name: f"{name}-be-htst")
listener_name = example_virtual_network.name.apply(lambda name: f"{name}-httplstn")
request_routing_rule_name = example_virtual_network.name.apply(lambda name: f"{name}-rqrt")
redirect_configuration_name = example_virtual_network.name.apply(lambda name: f"{name}-rdrcfg")
network = azure.network.ApplicationGateway("network",
name="example-appgateway",
resource_group_name=example.name,
location=example.location,
sku=azure.network.ApplicationGatewaySkuArgs(
name="Standard_v2",
tier="Standard_v2",
capacity=2,
),
gateway_ip_configurations=[azure.network.ApplicationGatewayGatewayIpConfigurationArgs(
name="my-gateway-ip-configuration",
subnet_id=example_subnet.id,
)],
frontend_ports=[azure.network.ApplicationGatewayFrontendPortArgs(
name=frontend_port_name,
port=80,
)],
frontend_ip_configurations=[azure.network.ApplicationGatewayFrontendIpConfigurationArgs(
name=frontend_ip_configuration_name,
public_ip_address_id=example_public_ip.id,
)],
backend_address_pools=[azure.network.ApplicationGatewayBackendAddressPoolArgs(
name=backend_address_pool_name,
)],
backend_http_settings=[azure.network.ApplicationGatewayBackendHttpSettingArgs(
name=http_setting_name,
cookie_based_affinity="Disabled",
path="/path1/",
port=80,
protocol="Http",
request_timeout=60,
)],
http_listeners=[azure.network.ApplicationGatewayHttpListenerArgs(
name=listener_name,
frontend_ip_configuration_name=frontend_ip_configuration_name,
frontend_port_name=frontend_port_name,
protocol="Http",
)],
request_routing_rules=[azure.network.ApplicationGatewayRequestRoutingRuleArgs(
name=request_routing_rule_name,
priority=9,
rule_type="Basic",
http_listener_name=listener_name,
backend_address_pool_name=backend_address_pool_name,
backend_http_settings_name=http_setting_name,
)])
package main
import (
"fmt"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
Name: pulumi.String("example-network"),
ResourceGroupName: example.Name,
Location: example.Location,
AddressSpaces: pulumi.StringArray{
pulumi.String("10.254.0.0/16"),
},
})
if err != nil {
return err
}
exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
Name: pulumi.String("example"),
ResourceGroupName: example.Name,
VirtualNetworkName: exampleVirtualNetwork.Name,
AddressPrefixes: pulumi.StringArray{
pulumi.String("10.254.0.0/24"),
},
})
if err != nil {
return err
}
examplePublicIp, err := network.NewPublicIp(ctx, "example", &network.PublicIpArgs{
Name: pulumi.String("example-pip"),
ResourceGroupName: example.Name,
Location: example.Location,
AllocationMethod: pulumi.String("Dynamic"),
})
if err != nil {
return err
}
backendAddressPoolName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-beap", name), nil
}).(pulumi.StringOutput)
frontendPortName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-feport", name), nil
}).(pulumi.StringOutput)
frontendIpConfigurationName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-feip", name), nil
}).(pulumi.StringOutput)
httpSettingName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-be-htst", name), nil
}).(pulumi.StringOutput)
listenerName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-httplstn", name), nil
}).(pulumi.StringOutput)
requestRoutingRuleName := exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-rqrt", name), nil
}).(pulumi.StringOutput)
_ = exampleVirtualNetwork.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("%v-rdrcfg", name), nil
}).(pulumi.StringOutput)
_, err = network.NewApplicationGateway(ctx, "network", &network.ApplicationGatewayArgs{
Name: pulumi.String("example-appgateway"),
ResourceGroupName: example.Name,
Location: example.Location,
Sku: &network.ApplicationGatewaySkuArgs{
Name: pulumi.String("Standard_v2"),
Tier: pulumi.String("Standard_v2"),
Capacity: pulumi.Int(2),
},
GatewayIpConfigurations: network.ApplicationGatewayGatewayIpConfigurationArray{
&network.ApplicationGatewayGatewayIpConfigurationArgs{
Name: pulumi.String("my-gateway-ip-configuration"),
SubnetId: exampleSubnet.ID(),
},
},
FrontendPorts: network.ApplicationGatewayFrontendPortArray{
&network.ApplicationGatewayFrontendPortArgs{
Name: pulumi.String(frontendPortName),
Port: pulumi.Int(80),
},
},
FrontendIpConfigurations: network.ApplicationGatewayFrontendIpConfigurationArray{
&network.ApplicationGatewayFrontendIpConfigurationArgs{
Name: pulumi.String(frontendIpConfigurationName),
PublicIpAddressId: examplePublicIp.ID(),
},
},
BackendAddressPools: network.ApplicationGatewayBackendAddressPoolArray{
&network.ApplicationGatewayBackendAddressPoolArgs{
Name: pulumi.String(backendAddressPoolName),
},
},
BackendHttpSettings: network.ApplicationGatewayBackendHttpSettingArray{
&network.ApplicationGatewayBackendHttpSettingArgs{
Name: pulumi.String(httpSettingName),
CookieBasedAffinity: pulumi.String("Disabled"),
Path: pulumi.String("/path1/"),
Port: pulumi.Int(80),
Protocol: pulumi.String("Http"),
RequestTimeout: pulumi.Int(60),
},
},
HttpListeners: network.ApplicationGatewayHttpListenerArray{
&network.ApplicationGatewayHttpListenerArgs{
Name: pulumi.String(listenerName),
FrontendIpConfigurationName: pulumi.String(frontendIpConfigurationName),
FrontendPortName: pulumi.String(frontendPortName),
Protocol: pulumi.String("Http"),
},
},
RequestRoutingRules: network.ApplicationGatewayRequestRoutingRuleArray{
&network.ApplicationGatewayRequestRoutingRuleArgs{
Name: pulumi.String(requestRoutingRuleName),
Priority: pulumi.Int(9),
RuleType: pulumi.String("Basic"),
HttpListenerName: pulumi.String(listenerName),
BackendAddressPoolName: pulumi.String(backendAddressPoolName),
BackendHttpSettingsName: pulumi.String(httpSettingName),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
{
Name = "example-network",
ResourceGroupName = example.Name,
Location = example.Location,
AddressSpaces = new[]
{
"10.254.0.0/16",
},
});
var exampleSubnet = new Azure.Network.Subnet("example", new()
{
Name = "example",
ResourceGroupName = example.Name,
VirtualNetworkName = exampleVirtualNetwork.Name,
AddressPrefixes = new[]
{
"10.254.0.0/24",
},
});
var examplePublicIp = new Azure.Network.PublicIp("example", new()
{
Name = "example-pip",
ResourceGroupName = example.Name,
Location = example.Location,
AllocationMethod = "Dynamic",
});
var backendAddressPoolName = exampleVirtualNetwork.Name.Apply(name => $"{name}-beap");
var frontendPortName = exampleVirtualNetwork.Name.Apply(name => $"{name}-feport");
var frontendIpConfigurationName = exampleVirtualNetwork.Name.Apply(name => $"{name}-feip");
var httpSettingName = exampleVirtualNetwork.Name.Apply(name => $"{name}-be-htst");
var listenerName = exampleVirtualNetwork.Name.Apply(name => $"{name}-httplstn");
var requestRoutingRuleName = exampleVirtualNetwork.Name.Apply(name => $"{name}-rqrt");
var redirectConfigurationName = exampleVirtualNetwork.Name.Apply(name => $"{name}-rdrcfg");
var network = new Azure.Network.ApplicationGateway("network", new()
{
Name = "example-appgateway",
ResourceGroupName = example.Name,
Location = example.Location,
Sku = new Azure.Network.Inputs.ApplicationGatewaySkuArgs
{
Name = "Standard_v2",
Tier = "Standard_v2",
Capacity = 2,
},
GatewayIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayGatewayIpConfigurationArgs
{
Name = "my-gateway-ip-configuration",
SubnetId = exampleSubnet.Id,
},
},
FrontendPorts = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendPortArgs
{
Name = frontendPortName,
Port = 80,
},
},
FrontendIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendIpConfigurationArgs
{
Name = frontendIpConfigurationName,
PublicIpAddressId = examplePublicIp.Id,
},
},
BackendAddressPools = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendAddressPoolArgs
{
Name = backendAddressPoolName,
},
},
BackendHttpSettings = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendHttpSettingArgs
{
Name = httpSettingName,
CookieBasedAffinity = "Disabled",
Path = "/path1/",
Port = 80,
Protocol = "Http",
RequestTimeout = 60,
},
},
HttpListeners = new[]
{
new Azure.Network.Inputs.ApplicationGatewayHttpListenerArgs
{
Name = listenerName,
FrontendIpConfigurationName = frontendIpConfigurationName,
FrontendPortName = frontendPortName,
Protocol = "Http",
},
},
RequestRoutingRules = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRequestRoutingRuleArgs
{
Name = requestRoutingRuleName,
Priority = 9,
RuleType = "Basic",
HttpListenerName = listenerName,
BackendAddressPoolName = backendAddressPoolName,
BackendHttpSettingsName = httpSettingName,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.PublicIp;
import com.pulumi.azure.network.PublicIpArgs;
import com.pulumi.azure.network.ApplicationGateway;
import com.pulumi.azure.network.ApplicationGatewayArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewaySkuArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayGatewayIpConfigurationArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayFrontendPortArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayFrontendIpConfigurationArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayBackendAddressPoolArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayBackendHttpSettingArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayHttpListenerArgs;
import com.pulumi.azure.network.inputs.ApplicationGatewayRequestRoutingRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.name("example-network")
.resourceGroupName(example.name())
.location(example.location())
.addressSpaces("10.254.0.0/16")
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.name("example")
.resourceGroupName(example.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.254.0.0/24")
.build());
var examplePublicIp = new PublicIp("examplePublicIp", PublicIpArgs.builder()
.name("example-pip")
.resourceGroupName(example.name())
.location(example.location())
.allocationMethod("Dynamic")
.build());
final var backendAddressPoolName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-beap", name));
final var frontendPortName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-feport", name));
final var frontendIpConfigurationName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-feip", name));
final var httpSettingName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-be-htst", name));
final var listenerName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-httplstn", name));
final var requestRoutingRuleName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-rqrt", name));
final var redirectConfigurationName = exampleVirtualNetwork.name().applyValue(name -> String.format("%s-rdrcfg", name));
var network = new ApplicationGateway("network", ApplicationGatewayArgs.builder()
.name("example-appgateway")
.resourceGroupName(example.name())
.location(example.location())
.sku(ApplicationGatewaySkuArgs.builder()
.name("Standard_v2")
.tier("Standard_v2")
.capacity(2)
.build())
.gatewayIpConfigurations(ApplicationGatewayGatewayIpConfigurationArgs.builder()
.name("my-gateway-ip-configuration")
.subnetId(exampleSubnet.id())
.build())
.frontendPorts(ApplicationGatewayFrontendPortArgs.builder()
.name(frontendPortName)
.port(80)
.build())
.frontendIpConfigurations(ApplicationGatewayFrontendIpConfigurationArgs.builder()
.name(frontendIpConfigurationName)
.publicIpAddressId(examplePublicIp.id())
.build())
.backendAddressPools(ApplicationGatewayBackendAddressPoolArgs.builder()
.name(backendAddressPoolName)
.build())
.backendHttpSettings(ApplicationGatewayBackendHttpSettingArgs.builder()
.name(httpSettingName)
.cookieBasedAffinity("Disabled")
.path("/path1/")
.port(80)
.protocol("Http")
.requestTimeout(60)
.build())
.httpListeners(ApplicationGatewayHttpListenerArgs.builder()
.name(listenerName)
.frontendIpConfigurationName(frontendIpConfigurationName)
.frontendPortName(frontendPortName)
.protocol("Http")
.build())
.requestRoutingRules(ApplicationGatewayRequestRoutingRuleArgs.builder()
.name(requestRoutingRuleName)
.priority(9)
.ruleType("Basic")
.httpListenerName(listenerName)
.backendAddressPoolName(backendAddressPoolName)
.backendHttpSettingsName(httpSettingName)
.build())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
name: example
properties:
name: example-network
resourceGroupName: ${example.name}
location: ${example.location}
addressSpaces:
- 10.254.0.0/16
exampleSubnet:
type: azure:network:Subnet
name: example
properties:
name: example
resourceGroupName: ${example.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.254.0.0/24
examplePublicIp:
type: azure:network:PublicIp
name: example
properties:
name: example-pip
resourceGroupName: ${example.name}
location: ${example.location}
allocationMethod: Dynamic
network:
type: azure:network:ApplicationGateway
properties:
name: example-appgateway
resourceGroupName: ${example.name}
location: ${example.location}
sku:
name: Standard_v2
tier: Standard_v2
capacity: 2
gatewayIpConfigurations:
- name: my-gateway-ip-configuration
subnetId: ${exampleSubnet.id}
frontendPorts:
- name: ${frontendPortName}
port: 80
frontendIpConfigurations:
- name: ${frontendIpConfigurationName}
publicIpAddressId: ${examplePublicIp.id}
backendAddressPools:
- name: ${backendAddressPoolName}
backendHttpSettings:
- name: ${httpSettingName}
cookieBasedAffinity: Disabled
path: /path1/
port: 80
protocol: Http
requestTimeout: 60
httpListeners:
- name: ${listenerName}
frontendIpConfigurationName: ${frontendIpConfigurationName}
frontendPortName: ${frontendPortName}
protocol: Http
requestRoutingRules:
- name: ${requestRoutingRuleName}
priority: 9
ruleType: Basic
httpListenerName: ${listenerName}
backendAddressPoolName: ${backendAddressPoolName}
backendHttpSettingsName: ${httpSettingName}
variables:
backendAddressPoolName: ${exampleVirtualNetwork.name}-beap
frontendPortName: ${exampleVirtualNetwork.name}-feport
frontendIpConfigurationName: ${exampleVirtualNetwork.name}-feip
httpSettingName: ${exampleVirtualNetwork.name}-be-htst
listenerName: ${exampleVirtualNetwork.name}-httplstn
requestRoutingRuleName: ${exampleVirtualNetwork.name}-rqrt
redirectConfigurationName: ${exampleVirtualNetwork.name}-rdrcfg
Create ApplicationGateway Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ApplicationGateway(name: string, args: ApplicationGatewayArgs, opts?: CustomResourceOptions);@overload
def ApplicationGateway(resource_name: str,
args: ApplicationGatewayArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ApplicationGateway(resource_name: str,
opts: Optional[ResourceOptions] = None,
frontend_ip_configurations: Optional[Sequence[ApplicationGatewayFrontendIpConfigurationArgs]] = None,
sku: Optional[ApplicationGatewaySkuArgs] = None,
backend_address_pools: Optional[Sequence[ApplicationGatewayBackendAddressPoolArgs]] = None,
backend_http_settings: Optional[Sequence[ApplicationGatewayBackendHttpSettingArgs]] = None,
resource_group_name: Optional[str] = None,
request_routing_rules: Optional[Sequence[ApplicationGatewayRequestRoutingRuleArgs]] = None,
http_listeners: Optional[Sequence[ApplicationGatewayHttpListenerArgs]] = None,
gateway_ip_configurations: Optional[Sequence[ApplicationGatewayGatewayIpConfigurationArgs]] = None,
frontend_ports: Optional[Sequence[ApplicationGatewayFrontendPortArgs]] = None,
name: Optional[str] = None,
enable_http2: Optional[bool] = None,
firewall_policy_id: Optional[str] = None,
global_: Optional[ApplicationGatewayGlobalArgs] = None,
fips_enabled: Optional[bool] = None,
identity: Optional[ApplicationGatewayIdentityArgs] = None,
location: Optional[str] = None,
authentication_certificates: Optional[Sequence[ApplicationGatewayAuthenticationCertificateArgs]] = None,
private_link_configurations: Optional[Sequence[ApplicationGatewayPrivateLinkConfigurationArgs]] = None,
probes: Optional[Sequence[ApplicationGatewayProbeArgs]] = None,
redirect_configurations: Optional[Sequence[ApplicationGatewayRedirectConfigurationArgs]] = None,
force_firewall_policy_association: Optional[bool] = None,
custom_error_configurations: Optional[Sequence[ApplicationGatewayCustomErrorConfigurationArgs]] = None,
rewrite_rule_sets: Optional[Sequence[ApplicationGatewayRewriteRuleSetArgs]] = None,
autoscale_configuration: Optional[ApplicationGatewayAutoscaleConfigurationArgs] = None,
ssl_certificates: Optional[Sequence[ApplicationGatewaySslCertificateArgs]] = None,
ssl_policy: Optional[ApplicationGatewaySslPolicyArgs] = None,
ssl_profiles: Optional[Sequence[ApplicationGatewaySslProfileArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
trusted_client_certificates: Optional[Sequence[ApplicationGatewayTrustedClientCertificateArgs]] = None,
trusted_root_certificates: Optional[Sequence[ApplicationGatewayTrustedRootCertificateArgs]] = None,
url_path_maps: Optional[Sequence[ApplicationGatewayUrlPathMapArgs]] = None,
waf_configuration: Optional[ApplicationGatewayWafConfigurationArgs] = None,
zones: Optional[Sequence[str]] = None)func NewApplicationGateway(ctx *Context, name string, args ApplicationGatewayArgs, opts ...ResourceOption) (*ApplicationGateway, error)public ApplicationGateway(string name, ApplicationGatewayArgs args, CustomResourceOptions? opts = null)
public ApplicationGateway(String name, ApplicationGatewayArgs args)
public ApplicationGateway(String name, ApplicationGatewayArgs args, CustomResourceOptions options)
type: azure:network:ApplicationGateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ApplicationGatewayArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var applicationGatewayResource = new Azure.Network.ApplicationGateway("applicationGatewayResource", new()
{
FrontendIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendIpConfigurationArgs
{
Name = "string",
Id = "string",
PrivateIpAddress = "string",
PrivateIpAddressAllocation = "string",
PrivateLinkConfigurationId = "string",
PrivateLinkConfigurationName = "string",
PublicIpAddressId = "string",
SubnetId = "string",
},
},
Sku = new Azure.Network.Inputs.ApplicationGatewaySkuArgs
{
Name = "string",
Tier = "string",
Capacity = 0,
},
BackendAddressPools = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendAddressPoolArgs
{
Name = "string",
Fqdns = new[]
{
"string",
},
Id = "string",
IpAddresses = new[]
{
"string",
},
},
},
BackendHttpSettings = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendHttpSettingArgs
{
Name = "string",
Port = 0,
Protocol = "string",
CookieBasedAffinity = "string",
PickHostNameFromBackendAddress = false,
Id = "string",
AuthenticationCertificates = new[]
{
new Azure.Network.Inputs.ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs
{
Name = "string",
Id = "string",
},
},
Path = "string",
AffinityCookieName = "string",
HostName = "string",
ProbeId = "string",
ProbeName = "string",
ConnectionDraining = new Azure.Network.Inputs.ApplicationGatewayBackendHttpSettingConnectionDrainingArgs
{
DrainTimeoutSec = 0,
Enabled = false,
},
RequestTimeout = 0,
TrustedRootCertificateNames = new[]
{
"string",
},
},
},
ResourceGroupName = "string",
RequestRoutingRules = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRequestRoutingRuleArgs
{
HttpListenerName = "string",
RuleType = "string",
Name = "string",
Priority = 0,
HttpListenerId = "string",
BackendHttpSettingsName = "string",
Id = "string",
BackendHttpSettingsId = "string",
BackendAddressPoolId = "string",
RedirectConfigurationId = "string",
RedirectConfigurationName = "string",
RewriteRuleSetId = "string",
RewriteRuleSetName = "string",
BackendAddressPoolName = "string",
UrlPathMapId = "string",
UrlPathMapName = "string",
},
},
HttpListeners = new[]
{
new Azure.Network.Inputs.ApplicationGatewayHttpListenerArgs
{
FrontendPortName = "string",
Protocol = "string",
Name = "string",
FrontendIpConfigurationName = "string",
Id = "string",
FrontendPortId = "string",
HostName = "string",
HostNames = new[]
{
"string",
},
CustomErrorConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayHttpListenerCustomErrorConfigurationArgs
{
CustomErrorPageUrl = "string",
StatusCode = "string",
Id = "string",
},
},
FrontendIpConfigurationId = "string",
FirewallPolicyId = "string",
RequireSni = false,
SslCertificateId = "string",
SslCertificateName = "string",
SslProfileId = "string",
SslProfileName = "string",
},
},
GatewayIpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayGatewayIpConfigurationArgs
{
Name = "string",
SubnetId = "string",
Id = "string",
},
},
FrontendPorts = new[]
{
new Azure.Network.Inputs.ApplicationGatewayFrontendPortArgs
{
Name = "string",
Port = 0,
Id = "string",
},
},
Name = "string",
EnableHttp2 = false,
FirewallPolicyId = "string",
Global = new Azure.Network.Inputs.ApplicationGatewayGlobalArgs
{
RequestBufferingEnabled = false,
ResponseBufferingEnabled = false,
},
FipsEnabled = false,
Identity = new Azure.Network.Inputs.ApplicationGatewayIdentityArgs
{
IdentityIds = new[]
{
"string",
},
Type = "string",
},
Location = "string",
AuthenticationCertificates = new[]
{
new Azure.Network.Inputs.ApplicationGatewayAuthenticationCertificateArgs
{
Data = "string",
Name = "string",
Id = "string",
},
},
PrivateLinkConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayPrivateLinkConfigurationArgs
{
IpConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs
{
Name = "string",
Primary = false,
PrivateIpAddressAllocation = "string",
SubnetId = "string",
PrivateIpAddress = "string",
},
},
Name = "string",
Id = "string",
},
},
Probes = new[]
{
new Azure.Network.Inputs.ApplicationGatewayProbeArgs
{
Interval = 0,
Name = "string",
Path = "string",
Protocol = "string",
Timeout = 0,
UnhealthyThreshold = 0,
Host = "string",
Id = "string",
Match = new Azure.Network.Inputs.ApplicationGatewayProbeMatchArgs
{
StatusCodes = new[]
{
"string",
},
Body = "string",
},
MinimumServers = 0,
PickHostNameFromBackendHttpSettings = false,
Port = 0,
},
},
RedirectConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRedirectConfigurationArgs
{
Name = "string",
RedirectType = "string",
Id = "string",
IncludePath = false,
IncludeQueryString = false,
TargetListenerId = "string",
TargetListenerName = "string",
TargetUrl = "string",
},
},
ForceFirewallPolicyAssociation = false,
CustomErrorConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayCustomErrorConfigurationArgs
{
CustomErrorPageUrl = "string",
StatusCode = "string",
Id = "string",
},
},
RewriteRuleSets = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetArgs
{
Name = "string",
Id = "string",
RewriteRules = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetRewriteRuleArgs
{
Name = "string",
RuleSequence = 0,
Conditions = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs
{
Pattern = "string",
Variable = "string",
IgnoreCase = false,
Negate = false,
},
},
RequestHeaderConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs
{
HeaderName = "string",
HeaderValue = "string",
},
},
ResponseHeaderConfigurations = new[]
{
new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs
{
HeaderName = "string",
HeaderValue = "string",
},
},
Url = new Azure.Network.Inputs.ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs
{
Components = "string",
Path = "string",
QueryString = "string",
Reroute = false,
},
},
},
},
},
AutoscaleConfiguration = new Azure.Network.Inputs.ApplicationGatewayAutoscaleConfigurationArgs
{
MinCapacity = 0,
MaxCapacity = 0,
},
SslCertificates = new[]
{
new Azure.Network.Inputs.ApplicationGatewaySslCertificateArgs
{
Name = "string",
Data = "string",
Id = "string",
KeyVaultSecretId = "string",
Password = "string",
PublicCertData = "string",
},
},
SslPolicy = new Azure.Network.Inputs.ApplicationGatewaySslPolicyArgs
{
CipherSuites = new[]
{
"string",
},
DisabledProtocols = new[]
{
"string",
},
MinProtocolVersion = "string",
PolicyName = "string",
PolicyType = "string",
},
SslProfiles = new[]
{
new Azure.Network.Inputs.ApplicationGatewaySslProfileArgs
{
Name = "string",
Id = "string",
SslPolicy = new Azure.Network.Inputs.ApplicationGatewaySslProfileSslPolicyArgs
{
CipherSuites = new[]
{
"string",
},
DisabledProtocols = new[]
{
"string",
},
MinProtocolVersion = "string",
PolicyName = "string",
PolicyType = "string",
},
TrustedClientCertificateNames = new[]
{
"string",
},
VerifyClientCertIssuerDn = false,
VerifyClientCertificateRevocation = "string",
},
},
Tags =
{
{ "string", "string" },
},
TrustedClientCertificates = new[]
{
new Azure.Network.Inputs.ApplicationGatewayTrustedClientCertificateArgs
{
Data = "string",
Name = "string",
Id = "string",
},
},
TrustedRootCertificates = new[]
{
new Azure.Network.Inputs.ApplicationGatewayTrustedRootCertificateArgs
{
Name = "string",
Data = "string",
Id = "string",
KeyVaultSecretId = "string",
},
},
UrlPathMaps = new[]
{
new Azure.Network.Inputs.ApplicationGatewayUrlPathMapArgs
{
Name = "string",
PathRules = new[]
{
new Azure.Network.Inputs.ApplicationGatewayUrlPathMapPathRuleArgs
{
Name = "string",
Paths = new[]
{
"string",
},
BackendAddressPoolId = "string",
BackendAddressPoolName = "string",
BackendHttpSettingsId = "string",
BackendHttpSettingsName = "string",
FirewallPolicyId = "string",
Id = "string",
RedirectConfigurationId = "string",
RedirectConfigurationName = "string",
RewriteRuleSetId = "string",
RewriteRuleSetName = "string",
},
},
DefaultBackendAddressPoolId = "string",
DefaultBackendAddressPoolName = "string",
DefaultBackendHttpSettingsId = "string",
DefaultBackendHttpSettingsName = "string",
DefaultRedirectConfigurationId = "string",
DefaultRedirectConfigurationName = "string",
DefaultRewriteRuleSetId = "string",
DefaultRewriteRuleSetName = "string",
Id = "string",
},
},
WafConfiguration = new Azure.Network.Inputs.ApplicationGatewayWafConfigurationArgs
{
Enabled = false,
FirewallMode = "string",
RuleSetVersion = "string",
DisabledRuleGroups = new[]
{
new Azure.Network.Inputs.ApplicationGatewayWafConfigurationDisabledRuleGroupArgs
{
RuleGroupName = "string",
Rules = new[]
{
0,
},
},
},
Exclusions = new[]
{
new Azure.Network.Inputs.ApplicationGatewayWafConfigurationExclusionArgs
{
MatchVariable = "string",
Selector = "string",
SelectorMatchOperator = "string",
},
},
FileUploadLimitMb = 0,
MaxRequestBodySizeKb = 0,
RequestBodyCheck = false,
RuleSetType = "string",
},
Zones = new[]
{
"string",
},
});
example, err := network.NewApplicationGateway(ctx, "applicationGatewayResource", &network.ApplicationGatewayArgs{
FrontendIpConfigurations: network.ApplicationGatewayFrontendIpConfigurationArray{
&network.ApplicationGatewayFrontendIpConfigurationArgs{
Name: pulumi.String("string"),
Id: pulumi.String("string"),
PrivateIpAddress: pulumi.String("string"),
PrivateIpAddressAllocation: pulumi.String("string"),
PrivateLinkConfigurationId: pulumi.String("string"),
PrivateLinkConfigurationName: pulumi.String("string"),
PublicIpAddressId: pulumi.String("string"),
SubnetId: pulumi.String("string"),
},
},
Sku: &network.ApplicationGatewaySkuArgs{
Name: pulumi.String("string"),
Tier: pulumi.String("string"),
Capacity: pulumi.Int(0),
},
BackendAddressPools: network.ApplicationGatewayBackendAddressPoolArray{
&network.ApplicationGatewayBackendAddressPoolArgs{
Name: pulumi.String("string"),
Fqdns: pulumi.StringArray{
pulumi.String("string"),
},
Id: pulumi.String("string"),
IpAddresses: pulumi.StringArray{
pulumi.String("string"),
},
},
},
BackendHttpSettings: network.ApplicationGatewayBackendHttpSettingArray{
&network.ApplicationGatewayBackendHttpSettingArgs{
Name: pulumi.String("string"),
Port: pulumi.Int(0),
Protocol: pulumi.String("string"),
CookieBasedAffinity: pulumi.String("string"),
PickHostNameFromBackendAddress: pulumi.Bool(false),
Id: pulumi.String("string"),
AuthenticationCertificates: network.ApplicationGatewayBackendHttpSettingAuthenticationCertificateArray{
&network.ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs{
Name: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
Path: pulumi.String("string"),
AffinityCookieName: pulumi.String("string"),
HostName: pulumi.String("string"),
ProbeId: pulumi.String("string"),
ProbeName: pulumi.String("string"),
ConnectionDraining: &network.ApplicationGatewayBackendHttpSettingConnectionDrainingArgs{
DrainTimeoutSec: pulumi.Int(0),
Enabled: pulumi.Bool(false),
},
RequestTimeout: pulumi.Int(0),
TrustedRootCertificateNames: pulumi.StringArray{
pulumi.String("string"),
},
},
},
ResourceGroupName: pulumi.String("string"),
RequestRoutingRules: network.ApplicationGatewayRequestRoutingRuleArray{
&network.ApplicationGatewayRequestRoutingRuleArgs{
HttpListenerName: pulumi.String("string"),
RuleType: pulumi.String("string"),
Name: pulumi.String("string"),
Priority: pulumi.Int(0),
HttpListenerId: pulumi.String("string"),
BackendHttpSettingsName: pulumi.String("string"),
Id: pulumi.String("string"),
BackendHttpSettingsId: pulumi.String("string"),
BackendAddressPoolId: pulumi.String("string"),
RedirectConfigurationId: pulumi.String("string"),
RedirectConfigurationName: pulumi.String("string"),
RewriteRuleSetId: pulumi.String("string"),
RewriteRuleSetName: pulumi.String("string"),
BackendAddressPoolName: pulumi.String("string"),
UrlPathMapId: pulumi.String("string"),
UrlPathMapName: pulumi.String("string"),
},
},
HttpListeners: network.ApplicationGatewayHttpListenerArray{
&network.ApplicationGatewayHttpListenerArgs{
FrontendPortName: pulumi.String("string"),
Protocol: pulumi.String("string"),
Name: pulumi.String("string"),
FrontendIpConfigurationName: pulumi.String("string"),
Id: pulumi.String("string"),
FrontendPortId: pulumi.String("string"),
HostName: pulumi.String("string"),
HostNames: pulumi.StringArray{
pulumi.String("string"),
},
CustomErrorConfigurations: network.ApplicationGatewayHttpListenerCustomErrorConfigurationArray{
&network.ApplicationGatewayHttpListenerCustomErrorConfigurationArgs{
CustomErrorPageUrl: pulumi.String("string"),
StatusCode: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
FrontendIpConfigurationId: pulumi.String("string"),
FirewallPolicyId: pulumi.String("string"),
RequireSni: pulumi.Bool(false),
SslCertificateId: pulumi.String("string"),
SslCertificateName: pulumi.String("string"),
SslProfileId: pulumi.String("string"),
SslProfileName: pulumi.String("string"),
},
},
GatewayIpConfigurations: network.ApplicationGatewayGatewayIpConfigurationArray{
&network.ApplicationGatewayGatewayIpConfigurationArgs{
Name: pulumi.String("string"),
SubnetId: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
FrontendPorts: network.ApplicationGatewayFrontendPortArray{
&network.ApplicationGatewayFrontendPortArgs{
Name: pulumi.String("string"),
Port: pulumi.Int(0),
Id: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
EnableHttp2: pulumi.Bool(false),
FirewallPolicyId: pulumi.String("string"),
Global: &network.ApplicationGatewayGlobalArgs{
RequestBufferingEnabled: pulumi.Bool(false),
ResponseBufferingEnabled: pulumi.Bool(false),
},
FipsEnabled: pulumi.Bool(false),
Identity: &network.ApplicationGatewayIdentityArgs{
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
Location: pulumi.String("string"),
AuthenticationCertificates: network.ApplicationGatewayAuthenticationCertificateArray{
&network.ApplicationGatewayAuthenticationCertificateArgs{
Data: pulumi.String("string"),
Name: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
PrivateLinkConfigurations: network.ApplicationGatewayPrivateLinkConfigurationArray{
&network.ApplicationGatewayPrivateLinkConfigurationArgs{
IpConfigurations: network.ApplicationGatewayPrivateLinkConfigurationIpConfigurationArray{
&network.ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs{
Name: pulumi.String("string"),
Primary: pulumi.Bool(false),
PrivateIpAddressAllocation: pulumi.String("string"),
SubnetId: pulumi.String("string"),
PrivateIpAddress: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
Probes: network.ApplicationGatewayProbeArray{
&network.ApplicationGatewayProbeArgs{
Interval: pulumi.Int(0),
Name: pulumi.String("string"),
Path: pulumi.String("string"),
Protocol: pulumi.String("string"),
Timeout: pulumi.Int(0),
UnhealthyThreshold: pulumi.Int(0),
Host: pulumi.String("string"),
Id: pulumi.String("string"),
Match: &network.ApplicationGatewayProbeMatchArgs{
StatusCodes: pulumi.StringArray{
pulumi.String("string"),
},
Body: pulumi.String("string"),
},
MinimumServers: pulumi.Int(0),
PickHostNameFromBackendHttpSettings: pulumi.Bool(false),
Port: pulumi.Int(0),
},
},
RedirectConfigurations: network.ApplicationGatewayRedirectConfigurationArray{
&network.ApplicationGatewayRedirectConfigurationArgs{
Name: pulumi.String("string"),
RedirectType: pulumi.String("string"),
Id: pulumi.String("string"),
IncludePath: pulumi.Bool(false),
IncludeQueryString: pulumi.Bool(false),
TargetListenerId: pulumi.String("string"),
TargetListenerName: pulumi.String("string"),
TargetUrl: pulumi.String("string"),
},
},
ForceFirewallPolicyAssociation: pulumi.Bool(false),
CustomErrorConfigurations: network.ApplicationGatewayCustomErrorConfigurationArray{
&network.ApplicationGatewayCustomErrorConfigurationArgs{
CustomErrorPageUrl: pulumi.String("string"),
StatusCode: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
RewriteRuleSets: network.ApplicationGatewayRewriteRuleSetArray{
&network.ApplicationGatewayRewriteRuleSetArgs{
Name: pulumi.String("string"),
Id: pulumi.String("string"),
RewriteRules: network.ApplicationGatewayRewriteRuleSetRewriteRuleArray{
&network.ApplicationGatewayRewriteRuleSetRewriteRuleArgs{
Name: pulumi.String("string"),
RuleSequence: pulumi.Int(0),
Conditions: network.ApplicationGatewayRewriteRuleSetRewriteRuleConditionArray{
&network.ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs{
Pattern: pulumi.String("string"),
Variable: pulumi.String("string"),
IgnoreCase: pulumi.Bool(false),
Negate: pulumi.Bool(false),
},
},
RequestHeaderConfigurations: network.ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArray{
&network.ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs{
HeaderName: pulumi.String("string"),
HeaderValue: pulumi.String("string"),
},
},
ResponseHeaderConfigurations: network.ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArray{
&network.ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs{
HeaderName: pulumi.String("string"),
HeaderValue: pulumi.String("string"),
},
},
Url: &network.ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs{
Components: pulumi.String("string"),
Path: pulumi.String("string"),
QueryString: pulumi.String("string"),
Reroute: pulumi.Bool(false),
},
},
},
},
},
AutoscaleConfiguration: &network.ApplicationGatewayAutoscaleConfigurationArgs{
MinCapacity: pulumi.Int(0),
MaxCapacity: pulumi.Int(0),
},
SslCertificates: network.ApplicationGatewaySslCertificateArray{
&network.ApplicationGatewaySslCertificateArgs{
Name: pulumi.String("string"),
Data: pulumi.String("string"),
Id: pulumi.String("string"),
KeyVaultSecretId: pulumi.String("string"),
Password: pulumi.String("string"),
PublicCertData: pulumi.String("string"),
},
},
SslPolicy: &network.ApplicationGatewaySslPolicyArgs{
CipherSuites: pulumi.StringArray{
pulumi.String("string"),
},
DisabledProtocols: pulumi.StringArray{
pulumi.String("string"),
},
MinProtocolVersion: pulumi.String("string"),
PolicyName: pulumi.String("string"),
PolicyType: pulumi.String("string"),
},
SslProfiles: network.ApplicationGatewaySslProfileArray{
&network.ApplicationGatewaySslProfileArgs{
Name: pulumi.String("string"),
Id: pulumi.String("string"),
SslPolicy: &network.ApplicationGatewaySslProfileSslPolicyArgs{
CipherSuites: pulumi.StringArray{
pulumi.String("string"),
},
DisabledProtocols: pulumi.StringArray{
pulumi.String("string"),
},
MinProtocolVersion: pulumi.String("string"),
PolicyName: pulumi.String("string"),
PolicyType: pulumi.String("string"),
},
TrustedClientCertificateNames: pulumi.StringArray{
pulumi.String("string"),
},
VerifyClientCertIssuerDn: pulumi.Bool(false),
VerifyClientCertificateRevocation: pulumi.String("string"),
},
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
TrustedClientCertificates: network.ApplicationGatewayTrustedClientCertificateArray{
&network.ApplicationGatewayTrustedClientCertificateArgs{
Data: pulumi.String("string"),
Name: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
TrustedRootCertificates: network.ApplicationGatewayTrustedRootCertificateArray{
&network.ApplicationGatewayTrustedRootCertificateArgs{
Name: pulumi.String("string"),
Data: pulumi.String("string"),
Id: pulumi.String("string"),
KeyVaultSecretId: pulumi.String("string"),
},
},
UrlPathMaps: network.ApplicationGatewayUrlPathMapArray{
&network.ApplicationGatewayUrlPathMapArgs{
Name: pulumi.String("string"),
PathRules: network.ApplicationGatewayUrlPathMapPathRuleArray{
&network.ApplicationGatewayUrlPathMapPathRuleArgs{
Name: pulumi.String("string"),
Paths: pulumi.StringArray{
pulumi.String("string"),
},
BackendAddressPoolId: pulumi.String("string"),
BackendAddressPoolName: pulumi.String("string"),
BackendHttpSettingsId: pulumi.String("string"),
BackendHttpSettingsName: pulumi.String("string"),
FirewallPolicyId: pulumi.String("string"),
Id: pulumi.String("string"),
RedirectConfigurationId: pulumi.String("string"),
RedirectConfigurationName: pulumi.String("string"),
RewriteRuleSetId: pulumi.String("string"),
RewriteRuleSetName: pulumi.String("string"),
},
},
DefaultBackendAddressPoolId: pulumi.String("string"),
DefaultBackendAddressPoolName: pulumi.String("string"),
DefaultBackendHttpSettingsId: pulumi.String("string"),
DefaultBackendHttpSettingsName: pulumi.String("string"),
DefaultRedirectConfigurationId: pulumi.String("string"),
DefaultRedirectConfigurationName: pulumi.String("string"),
DefaultRewriteRuleSetId: pulumi.String("string"),
DefaultRewriteRuleSetName: pulumi.String("string"),
Id: pulumi.String("string"),
},
},
WafConfiguration: &network.ApplicationGatewayWafConfigurationArgs{
Enabled: pulumi.Bool(false),
FirewallMode: pulumi.String("string"),
RuleSetVersion: pulumi.String("string"),
DisabledRuleGroups: network.ApplicationGatewayWafConfigurationDisabledRuleGroupArray{
&network.ApplicationGatewayWafConfigurationDisabledRuleGroupArgs{
RuleGroupName: pulumi.String("string"),
Rules: pulumi.IntArray{
pulumi.Int(0),
},
},
},
Exclusions: network.ApplicationGatewayWafConfigurationExclusionArray{
&network.ApplicationGatewayWafConfigurationExclusionArgs{
MatchVariable: pulumi.String("string"),
Selector: pulumi.String("string"),
SelectorMatchOperator: pulumi.String("string"),
},
},
FileUploadLimitMb: pulumi.Int(0),
MaxRequestBodySizeKb: pulumi.Int(0),
RequestBodyCheck: pulumi.Bool(false),
RuleSetType: pulumi.String("string"),
},
Zones: pulumi.StringArray{
pulumi.String("string"),
},
})
var applicationGatewayResource = new ApplicationGateway("applicationGatewayResource", ApplicationGatewayArgs.builder()
.frontendIpConfigurations(ApplicationGatewayFrontendIpConfigurationArgs.builder()
.name("string")
.id("string")
.privateIpAddress("string")
.privateIpAddressAllocation("string")
.privateLinkConfigurationId("string")
.privateLinkConfigurationName("string")
.publicIpAddressId("string")
.subnetId("string")
.build())
.sku(ApplicationGatewaySkuArgs.builder()
.name("string")
.tier("string")
.capacity(0)
.build())
.backendAddressPools(ApplicationGatewayBackendAddressPoolArgs.builder()
.name("string")
.fqdns("string")
.id("string")
.ipAddresses("string")
.build())
.backendHttpSettings(ApplicationGatewayBackendHttpSettingArgs.builder()
.name("string")
.port(0)
.protocol("string")
.cookieBasedAffinity("string")
.pickHostNameFromBackendAddress(false)
.id("string")
.authenticationCertificates(ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs.builder()
.name("string")
.id("string")
.build())
.path("string")
.affinityCookieName("string")
.hostName("string")
.probeId("string")
.probeName("string")
.connectionDraining(ApplicationGatewayBackendHttpSettingConnectionDrainingArgs.builder()
.drainTimeoutSec(0)
.enabled(false)
.build())
.requestTimeout(0)
.trustedRootCertificateNames("string")
.build())
.resourceGroupName("string")
.requestRoutingRules(ApplicationGatewayRequestRoutingRuleArgs.builder()
.httpListenerName("string")
.ruleType("string")
.name("string")
.priority(0)
.httpListenerId("string")
.backendHttpSettingsName("string")
.id("string")
.backendHttpSettingsId("string")
.backendAddressPoolId("string")
.redirectConfigurationId("string")
.redirectConfigurationName("string")
.rewriteRuleSetId("string")
.rewriteRuleSetName("string")
.backendAddressPoolName("string")
.urlPathMapId("string")
.urlPathMapName("string")
.build())
.httpListeners(ApplicationGatewayHttpListenerArgs.builder()
.frontendPortName("string")
.protocol("string")
.name("string")
.frontendIpConfigurationName("string")
.id("string")
.frontendPortId("string")
.hostName("string")
.hostNames("string")
.customErrorConfigurations(ApplicationGatewayHttpListenerCustomErrorConfigurationArgs.builder()
.customErrorPageUrl("string")
.statusCode("string")
.id("string")
.build())
.frontendIpConfigurationId("string")
.firewallPolicyId("string")
.requireSni(false)
.sslCertificateId("string")
.sslCertificateName("string")
.sslProfileId("string")
.sslProfileName("string")
.build())
.gatewayIpConfigurations(ApplicationGatewayGatewayIpConfigurationArgs.builder()
.name("string")
.subnetId("string")
.id("string")
.build())
.frontendPorts(ApplicationGatewayFrontendPortArgs.builder()
.name("string")
.port(0)
.id("string")
.build())
.name("string")
.enableHttp2(false)
.firewallPolicyId("string")
.global(ApplicationGatewayGlobalArgs.builder()
.requestBufferingEnabled(false)
.responseBufferingEnabled(false)
.build())
.fipsEnabled(false)
.identity(ApplicationGatewayIdentityArgs.builder()
.identityIds("string")
.type("string")
.build())
.location("string")
.authenticationCertificates(ApplicationGatewayAuthenticationCertificateArgs.builder()
.data("string")
.name("string")
.id("string")
.build())
.privateLinkConfigurations(ApplicationGatewayPrivateLinkConfigurationArgs.builder()
.ipConfigurations(ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs.builder()
.name("string")
.primary(false)
.privateIpAddressAllocation("string")
.subnetId("string")
.privateIpAddress("string")
.build())
.name("string")
.id("string")
.build())
.probes(ApplicationGatewayProbeArgs.builder()
.interval(0)
.name("string")
.path("string")
.protocol("string")
.timeout(0)
.unhealthyThreshold(0)
.host("string")
.id("string")
.match(ApplicationGatewayProbeMatchArgs.builder()
.statusCodes("string")
.body("string")
.build())
.minimumServers(0)
.pickHostNameFromBackendHttpSettings(false)
.port(0)
.build())
.redirectConfigurations(ApplicationGatewayRedirectConfigurationArgs.builder()
.name("string")
.redirectType("string")
.id("string")
.includePath(false)
.includeQueryString(false)
.targetListenerId("string")
.targetListenerName("string")
.targetUrl("string")
.build())
.forceFirewallPolicyAssociation(false)
.customErrorConfigurations(ApplicationGatewayCustomErrorConfigurationArgs.builder()
.customErrorPageUrl("string")
.statusCode("string")
.id("string")
.build())
.rewriteRuleSets(ApplicationGatewayRewriteRuleSetArgs.builder()
.name("string")
.id("string")
.rewriteRules(ApplicationGatewayRewriteRuleSetRewriteRuleArgs.builder()
.name("string")
.ruleSequence(0)
.conditions(ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs.builder()
.pattern("string")
.variable("string")
.ignoreCase(false)
.negate(false)
.build())
.requestHeaderConfigurations(ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs.builder()
.headerName("string")
.headerValue("string")
.build())
.responseHeaderConfigurations(ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs.builder()
.headerName("string")
.headerValue("string")
.build())
.url(ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs.builder()
.components("string")
.path("string")
.queryString("string")
.reroute(false)
.build())
.build())
.build())
.autoscaleConfiguration(ApplicationGatewayAutoscaleConfigurationArgs.builder()
.minCapacity(0)
.maxCapacity(0)
.build())
.sslCertificates(ApplicationGatewaySslCertificateArgs.builder()
.name("string")
.data("string")
.id("string")
.keyVaultSecretId("string")
.password("string")
.publicCertData("string")
.build())
.sslPolicy(ApplicationGatewaySslPolicyArgs.builder()
.cipherSuites("string")
.disabledProtocols("string")
.minProtocolVersion("string")
.policyName("string")
.policyType("string")
.build())
.sslProfiles(ApplicationGatewaySslProfileArgs.builder()
.name("string")
.id("string")
.sslPolicy(ApplicationGatewaySslProfileSslPolicyArgs.builder()
.cipherSuites("string")
.disabledProtocols("string")
.minProtocolVersion("string")
.policyName("string")
.policyType("string")
.build())
.trustedClientCertificateNames("string")
.verifyClientCertIssuerDn(false)
.verifyClientCertificateRevocation("string")
.build())
.tags(Map.of("string", "string"))
.trustedClientCertificates(ApplicationGatewayTrustedClientCertificateArgs.builder()
.data("string")
.name("string")
.id("string")
.build())
.trustedRootCertificates(ApplicationGatewayTrustedRootCertificateArgs.builder()
.name("string")
.data("string")
.id("string")
.keyVaultSecretId("string")
.build())
.urlPathMaps(ApplicationGatewayUrlPathMapArgs.builder()
.name("string")
.pathRules(ApplicationGatewayUrlPathMapPathRuleArgs.builder()
.name("string")
.paths("string")
.backendAddressPoolId("string")
.backendAddressPoolName("string")
.backendHttpSettingsId("string")
.backendHttpSettingsName("string")
.firewallPolicyId("string")
.id("string")
.redirectConfigurationId("string")
.redirectConfigurationName("string")
.rewriteRuleSetId("string")
.rewriteRuleSetName("string")
.build())
.defaultBackendAddressPoolId("string")
.defaultBackendAddressPoolName("string")
.defaultBackendHttpSettingsId("string")
.defaultBackendHttpSettingsName("string")
.defaultRedirectConfigurationId("string")
.defaultRedirectConfigurationName("string")
.defaultRewriteRuleSetId("string")
.defaultRewriteRuleSetName("string")
.id("string")
.build())
.wafConfiguration(ApplicationGatewayWafConfigurationArgs.builder()
.enabled(false)
.firewallMode("string")
.ruleSetVersion("string")
.disabledRuleGroups(ApplicationGatewayWafConfigurationDisabledRuleGroupArgs.builder()
.ruleGroupName("string")
.rules(0)
.build())
.exclusions(ApplicationGatewayWafConfigurationExclusionArgs.builder()
.matchVariable("string")
.selector("string")
.selectorMatchOperator("string")
.build())
.fileUploadLimitMb(0)
.maxRequestBodySizeKb(0)
.requestBodyCheck(false)
.ruleSetType("string")
.build())
.zones("string")
.build());
application_gateway_resource = azure.network.ApplicationGateway("applicationGatewayResource",
frontend_ip_configurations=[azure.network.ApplicationGatewayFrontendIpConfigurationArgs(
name="string",
id="string",
private_ip_address="string",
private_ip_address_allocation="string",
private_link_configuration_id="string",
private_link_configuration_name="string",
public_ip_address_id="string",
subnet_id="string",
)],
sku=azure.network.ApplicationGatewaySkuArgs(
name="string",
tier="string",
capacity=0,
),
backend_address_pools=[azure.network.ApplicationGatewayBackendAddressPoolArgs(
name="string",
fqdns=["string"],
id="string",
ip_addresses=["string"],
)],
backend_http_settings=[azure.network.ApplicationGatewayBackendHttpSettingArgs(
name="string",
port=0,
protocol="string",
cookie_based_affinity="string",
pick_host_name_from_backend_address=False,
id="string",
authentication_certificates=[azure.network.ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs(
name="string",
id="string",
)],
path="string",
affinity_cookie_name="string",
host_name="string",
probe_id="string",
probe_name="string",
connection_draining=azure.network.ApplicationGatewayBackendHttpSettingConnectionDrainingArgs(
drain_timeout_sec=0,
enabled=False,
),
request_timeout=0,
trusted_root_certificate_names=["string"],
)],
resource_group_name="string",
request_routing_rules=[azure.network.ApplicationGatewayRequestRoutingRuleArgs(
http_listener_name="string",
rule_type="string",
name="string",
priority=0,
http_listener_id="string",
backend_http_settings_name="string",
id="string",
backend_http_settings_id="string",
backend_address_pool_id="string",
redirect_configuration_id="string",
redirect_configuration_name="string",
rewrite_rule_set_id="string",
rewrite_rule_set_name="string",
backend_address_pool_name="string",
url_path_map_id="string",
url_path_map_name="string",
)],
http_listeners=[azure.network.ApplicationGatewayHttpListenerArgs(
frontend_port_name="string",
protocol="string",
name="string",
frontend_ip_configuration_name="string",
id="string",
frontend_port_id="string",
host_name="string",
host_names=["string"],
custom_error_configurations=[azure.network.ApplicationGatewayHttpListenerCustomErrorConfigurationArgs(
custom_error_page_url="string",
status_code="string",
id="string",
)],
frontend_ip_configuration_id="string",
firewall_policy_id="string",
require_sni=False,
ssl_certificate_id="string",
ssl_certificate_name="string",
ssl_profile_id="string",
ssl_profile_name="string",
)],
gateway_ip_configurations=[azure.network.ApplicationGatewayGatewayIpConfigurationArgs(
name="string",
subnet_id="string",
id="string",
)],
frontend_ports=[azure.network.ApplicationGatewayFrontendPortArgs(
name="string",
port=0,
id="string",
)],
name="string",
enable_http2=False,
firewall_policy_id="string",
global_=azure.network.ApplicationGatewayGlobalArgs(
request_buffering_enabled=False,
response_buffering_enabled=False,
),
fips_enabled=False,
identity=azure.network.ApplicationGatewayIdentityArgs(
identity_ids=["string"],
type="string",
),
location="string",
authentication_certificates=[azure.network.ApplicationGatewayAuthenticationCertificateArgs(
data="string",
name="string",
id="string",
)],
private_link_configurations=[azure.network.ApplicationGatewayPrivateLinkConfigurationArgs(
ip_configurations=[azure.network.ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs(
name="string",
primary=False,
private_ip_address_allocation="string",
subnet_id="string",
private_ip_address="string",
)],
name="string",
id="string",
)],
probes=[azure.network.ApplicationGatewayProbeArgs(
interval=0,
name="string",
path="string",
protocol="string",
timeout=0,
unhealthy_threshold=0,
host="string",
id="string",
match=azure.network.ApplicationGatewayProbeMatchArgs(
status_codes=["string"],
body="string",
),
minimum_servers=0,
pick_host_name_from_backend_http_settings=False,
port=0,
)],
redirect_configurations=[azure.network.ApplicationGatewayRedirectConfigurationArgs(
name="string",
redirect_type="string",
id="string",
include_path=False,
include_query_string=False,
target_listener_id="string",
target_listener_name="string",
target_url="string",
)],
force_firewall_policy_association=False,
custom_error_configurations=[azure.network.ApplicationGatewayCustomErrorConfigurationArgs(
custom_error_page_url="string",
status_code="string",
id="string",
)],
rewrite_rule_sets=[azure.network.ApplicationGatewayRewriteRuleSetArgs(
name="string",
id="string",
rewrite_rules=[azure.network.ApplicationGatewayRewriteRuleSetRewriteRuleArgs(
name="string",
rule_sequence=0,
conditions=[azure.network.ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs(
pattern="string",
variable="string",
ignore_case=False,
negate=False,
)],
request_header_configurations=[azure.network.ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs(
header_name="string",
header_value="string",
)],
response_header_configurations=[azure.network.ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs(
header_name="string",
header_value="string",
)],
url=azure.network.ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs(
components="string",
path="string",
query_string="string",
reroute=False,
),
)],
)],
autoscale_configuration=azure.network.ApplicationGatewayAutoscaleConfigurationArgs(
min_capacity=0,
max_capacity=0,
),
ssl_certificates=[azure.network.ApplicationGatewaySslCertificateArgs(
name="string",
data="string",
id="string",
key_vault_secret_id="string",
password="string",
public_cert_data="string",
)],
ssl_policy=azure.network.ApplicationGatewaySslPolicyArgs(
cipher_suites=["string"],
disabled_protocols=["string"],
min_protocol_version="string",
policy_name="string",
policy_type="string",
),
ssl_profiles=[azure.network.ApplicationGatewaySslProfileArgs(
name="string",
id="string",
ssl_policy=azure.network.ApplicationGatewaySslProfileSslPolicyArgs(
cipher_suites=["string"],
disabled_protocols=["string"],
min_protocol_version="string",
policy_name="string",
policy_type="string",
),
trusted_client_certificate_names=["string"],
verify_client_cert_issuer_dn=False,
verify_client_certificate_revocation="string",
)],
tags={
"string": "string",
},
trusted_client_certificates=[azure.network.ApplicationGatewayTrustedClientCertificateArgs(
data="string",
name="string",
id="string",
)],
trusted_root_certificates=[azure.network.ApplicationGatewayTrustedRootCertificateArgs(
name="string",
data="string",
id="string",
key_vault_secret_id="string",
)],
url_path_maps=[azure.network.ApplicationGatewayUrlPathMapArgs(
name="string",
path_rules=[azure.network.ApplicationGatewayUrlPathMapPathRuleArgs(
name="string",
paths=["string"],
backend_address_pool_id="string",
backend_address_pool_name="string",
backend_http_settings_id="string",
backend_http_settings_name="string",
firewall_policy_id="string",
id="string",
redirect_configuration_id="string",
redirect_configuration_name="string",
rewrite_rule_set_id="string",
rewrite_rule_set_name="string",
)],
default_backend_address_pool_id="string",
default_backend_address_pool_name="string",
default_backend_http_settings_id="string",
default_backend_http_settings_name="string",
default_redirect_configuration_id="string",
default_redirect_configuration_name="string",
default_rewrite_rule_set_id="string",
default_rewrite_rule_set_name="string",
id="string",
)],
waf_configuration=azure.network.ApplicationGatewayWafConfigurationArgs(
enabled=False,
firewall_mode="string",
rule_set_version="string",
disabled_rule_groups=[azure.network.ApplicationGatewayWafConfigurationDisabledRuleGroupArgs(
rule_group_name="string",
rules=[0],
)],
exclusions=[azure.network.ApplicationGatewayWafConfigurationExclusionArgs(
match_variable="string",
selector="string",
selector_match_operator="string",
)],
file_upload_limit_mb=0,
max_request_body_size_kb=0,
request_body_check=False,
rule_set_type="string",
),
zones=["string"])
const applicationGatewayResource = new azure.network.ApplicationGateway("applicationGatewayResource", {
frontendIpConfigurations: [{
name: "string",
id: "string",
privateIpAddress: "string",
privateIpAddressAllocation: "string",
privateLinkConfigurationId: "string",
privateLinkConfigurationName: "string",
publicIpAddressId: "string",
subnetId: "string",
}],
sku: {
name: "string",
tier: "string",
capacity: 0,
},
backendAddressPools: [{
name: "string",
fqdns: ["string"],
id: "string",
ipAddresses: ["string"],
}],
backendHttpSettings: [{
name: "string",
port: 0,
protocol: "string",
cookieBasedAffinity: "string",
pickHostNameFromBackendAddress: false,
id: "string",
authenticationCertificates: [{
name: "string",
id: "string",
}],
path: "string",
affinityCookieName: "string",
hostName: "string",
probeId: "string",
probeName: "string",
connectionDraining: {
drainTimeoutSec: 0,
enabled: false,
},
requestTimeout: 0,
trustedRootCertificateNames: ["string"],
}],
resourceGroupName: "string",
requestRoutingRules: [{
httpListenerName: "string",
ruleType: "string",
name: "string",
priority: 0,
httpListenerId: "string",
backendHttpSettingsName: "string",
id: "string",
backendHttpSettingsId: "string",
backendAddressPoolId: "string",
redirectConfigurationId: "string",
redirectConfigurationName: "string",
rewriteRuleSetId: "string",
rewriteRuleSetName: "string",
backendAddressPoolName: "string",
urlPathMapId: "string",
urlPathMapName: "string",
}],
httpListeners: [{
frontendPortName: "string",
protocol: "string",
name: "string",
frontendIpConfigurationName: "string",
id: "string",
frontendPortId: "string",
hostName: "string",
hostNames: ["string"],
customErrorConfigurations: [{
customErrorPageUrl: "string",
statusCode: "string",
id: "string",
}],
frontendIpConfigurationId: "string",
firewallPolicyId: "string",
requireSni: false,
sslCertificateId: "string",
sslCertificateName: "string",
sslProfileId: "string",
sslProfileName: "string",
}],
gatewayIpConfigurations: [{
name: "string",
subnetId: "string",
id: "string",
}],
frontendPorts: [{
name: "string",
port: 0,
id: "string",
}],
name: "string",
enableHttp2: false,
firewallPolicyId: "string",
global: {
requestBufferingEnabled: false,
responseBufferingEnabled: false,
},
fipsEnabled: false,
identity: {
identityIds: ["string"],
type: "string",
},
location: "string",
authenticationCertificates: [{
data: "string",
name: "string",
id: "string",
}],
privateLinkConfigurations: [{
ipConfigurations: [{
name: "string",
primary: false,
privateIpAddressAllocation: "string",
subnetId: "string",
privateIpAddress: "string",
}],
name: "string",
id: "string",
}],
probes: [{
interval: 0,
name: "string",
path: "string",
protocol: "string",
timeout: 0,
unhealthyThreshold: 0,
host: "string",
id: "string",
match: {
statusCodes: ["string"],
body: "string",
},
minimumServers: 0,
pickHostNameFromBackendHttpSettings: false,
port: 0,
}],
redirectConfigurations: [{
name: "string",
redirectType: "string",
id: "string",
includePath: false,
includeQueryString: false,
targetListenerId: "string",
targetListenerName: "string",
targetUrl: "string",
}],
forceFirewallPolicyAssociation: false,
customErrorConfigurations: [{
customErrorPageUrl: "string",
statusCode: "string",
id: "string",
}],
rewriteRuleSets: [{
name: "string",
id: "string",
rewriteRules: [{
name: "string",
ruleSequence: 0,
conditions: [{
pattern: "string",
variable: "string",
ignoreCase: false,
negate: false,
}],
requestHeaderConfigurations: [{
headerName: "string",
headerValue: "string",
}],
responseHeaderConfigurations: [{
headerName: "string",
headerValue: "string",
}],
url: {
components: "string",
path: "string",
queryString: "string",
reroute: false,
},
}],
}],
autoscaleConfiguration: {
minCapacity: 0,
maxCapacity: 0,
},
sslCertificates: [{
name: "string",
data: "string",
id: "string",
keyVaultSecretId: "string",
password: "string",
publicCertData: "string",
}],
sslPolicy: {
cipherSuites: ["string"],
disabledProtocols: ["string"],
minProtocolVersion: "string",
policyName: "string",
policyType: "string",
},
sslProfiles: [{
name: "string",
id: "string",
sslPolicy: {
cipherSuites: ["string"],
disabledProtocols: ["string"],
minProtocolVersion: "string",
policyName: "string",
policyType: "string",
},
trustedClientCertificateNames: ["string"],
verifyClientCertIssuerDn: false,
verifyClientCertificateRevocation: "string",
}],
tags: {
string: "string",
},
trustedClientCertificates: [{
data: "string",
name: "string",
id: "string",
}],
trustedRootCertificates: [{
name: "string",
data: "string",
id: "string",
keyVaultSecretId: "string",
}],
urlPathMaps: [{
name: "string",
pathRules: [{
name: "string",
paths: ["string"],
backendAddressPoolId: "string",
backendAddressPoolName: "string",
backendHttpSettingsId: "string",
backendHttpSettingsName: "string",
firewallPolicyId: "string",
id: "string",
redirectConfigurationId: "string",
redirectConfigurationName: "string",
rewriteRuleSetId: "string",
rewriteRuleSetName: "string",
}],
defaultBackendAddressPoolId: "string",
defaultBackendAddressPoolName: "string",
defaultBackendHttpSettingsId: "string",
defaultBackendHttpSettingsName: "string",
defaultRedirectConfigurationId: "string",
defaultRedirectConfigurationName: "string",
defaultRewriteRuleSetId: "string",
defaultRewriteRuleSetName: "string",
id: "string",
}],
wafConfiguration: {
enabled: false,
firewallMode: "string",
ruleSetVersion: "string",
disabledRuleGroups: [{
ruleGroupName: "string",
rules: [0],
}],
exclusions: [{
matchVariable: "string",
selector: "string",
selectorMatchOperator: "string",
}],
fileUploadLimitMb: 0,
maxRequestBodySizeKb: 0,
requestBodyCheck: false,
ruleSetType: "string",
},
zones: ["string"],
});
type: azure:network:ApplicationGateway
properties:
authenticationCertificates:
- data: string
id: string
name: string
autoscaleConfiguration:
maxCapacity: 0
minCapacity: 0
backendAddressPools:
- fqdns:
- string
id: string
ipAddresses:
- string
name: string
backendHttpSettings:
- affinityCookieName: string
authenticationCertificates:
- id: string
name: string
connectionDraining:
drainTimeoutSec: 0
enabled: false
cookieBasedAffinity: string
hostName: string
id: string
name: string
path: string
pickHostNameFromBackendAddress: false
port: 0
probeId: string
probeName: string
protocol: string
requestTimeout: 0
trustedRootCertificateNames:
- string
customErrorConfigurations:
- customErrorPageUrl: string
id: string
statusCode: string
enableHttp2: false
fipsEnabled: false
firewallPolicyId: string
forceFirewallPolicyAssociation: false
frontendIpConfigurations:
- id: string
name: string
privateIpAddress: string
privateIpAddressAllocation: string
privateLinkConfigurationId: string
privateLinkConfigurationName: string
publicIpAddressId: string
subnetId: string
frontendPorts:
- id: string
name: string
port: 0
gatewayIpConfigurations:
- id: string
name: string
subnetId: string
global:
requestBufferingEnabled: false
responseBufferingEnabled: false
httpListeners:
- customErrorConfigurations:
- customErrorPageUrl: string
id: string
statusCode: string
firewallPolicyId: string
frontendIpConfigurationId: string
frontendIpConfigurationName: string
frontendPortId: string
frontendPortName: string
hostName: string
hostNames:
- string
id: string
name: string
protocol: string
requireSni: false
sslCertificateId: string
sslCertificateName: string
sslProfileId: string
sslProfileName: string
identity:
identityIds:
- string
type: string
location: string
name: string
privateLinkConfigurations:
- id: string
ipConfigurations:
- name: string
primary: false
privateIpAddress: string
privateIpAddressAllocation: string
subnetId: string
name: string
probes:
- host: string
id: string
interval: 0
match:
body: string
statusCodes:
- string
minimumServers: 0
name: string
path: string
pickHostNameFromBackendHttpSettings: false
port: 0
protocol: string
timeout: 0
unhealthyThreshold: 0
redirectConfigurations:
- id: string
includePath: false
includeQueryString: false
name: string
redirectType: string
targetListenerId: string
targetListenerName: string
targetUrl: string
requestRoutingRules:
- backendAddressPoolId: string
backendAddressPoolName: string
backendHttpSettingsId: string
backendHttpSettingsName: string
httpListenerId: string
httpListenerName: string
id: string
name: string
priority: 0
redirectConfigurationId: string
redirectConfigurationName: string
rewriteRuleSetId: string
rewriteRuleSetName: string
ruleType: string
urlPathMapId: string
urlPathMapName: string
resourceGroupName: string
rewriteRuleSets:
- id: string
name: string
rewriteRules:
- conditions:
- ignoreCase: false
negate: false
pattern: string
variable: string
name: string
requestHeaderConfigurations:
- headerName: string
headerValue: string
responseHeaderConfigurations:
- headerName: string
headerValue: string
ruleSequence: 0
url:
components: string
path: string
queryString: string
reroute: false
sku:
capacity: 0
name: string
tier: string
sslCertificates:
- data: string
id: string
keyVaultSecretId: string
name: string
password: string
publicCertData: string
sslPolicy:
cipherSuites:
- string
disabledProtocols:
- string
minProtocolVersion: string
policyName: string
policyType: string
sslProfiles:
- id: string
name: string
sslPolicy:
cipherSuites:
- string
disabledProtocols:
- string
minProtocolVersion: string
policyName: string
policyType: string
trustedClientCertificateNames:
- string
verifyClientCertIssuerDn: false
verifyClientCertificateRevocation: string
tags:
string: string
trustedClientCertificates:
- data: string
id: string
name: string
trustedRootCertificates:
- data: string
id: string
keyVaultSecretId: string
name: string
urlPathMaps:
- defaultBackendAddressPoolId: string
defaultBackendAddressPoolName: string
defaultBackendHttpSettingsId: string
defaultBackendHttpSettingsName: string
defaultRedirectConfigurationId: string
defaultRedirectConfigurationName: string
defaultRewriteRuleSetId: string
defaultRewriteRuleSetName: string
id: string
name: string
pathRules:
- backendAddressPoolId: string
backendAddressPoolName: string
backendHttpSettingsId: string
backendHttpSettingsName: string
firewallPolicyId: string
id: string
name: string
paths:
- string
redirectConfigurationId: string
redirectConfigurationName: string
rewriteRuleSetId: string
rewriteRuleSetName: string
wafConfiguration:
disabledRuleGroups:
- ruleGroupName: string
rules:
- 0
enabled: false
exclusions:
- matchVariable: string
selector: string
selectorMatchOperator: string
fileUploadLimitMb: 0
firewallMode: string
maxRequestBodySizeKb: 0
requestBodyCheck: false
ruleSetType: string
ruleSetVersion: string
zones:
- string
ApplicationGateway Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The ApplicationGateway resource accepts the following input properties:
- Backend
Address List<ApplicationPools Gateway Backend Address Pool> - One or more
backend_address_poolblocks as defined below. - Backend
Http List<ApplicationSettings Gateway Backend Http Setting> - One or more
backend_http_settingsblocks as defined below. - Frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> - One or more
frontend_ip_configurationblocks as defined below. - Frontend
Ports List<ApplicationGateway Frontend Port> - One or more
frontend_portblocks as defined below. - Gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> - One or more
gateway_ip_configurationblocks as defined below. - Http
Listeners List<ApplicationGateway Http Listener> - One or more
http_listenerblocks as defined below. - Request
Routing List<ApplicationRules Gateway Request Routing Rule> - One or more
request_routing_ruleblocks as defined below. - Resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Sku
Application
Gateway Sku - A
skublock as defined below. - Authentication
Certificates List<ApplicationGateway Authentication Certificate> - One or more
authentication_certificateblocks as defined below. - Autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - Custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - Enable
Http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - Fips
Enabled bool - Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- Global
Application
Gateway Global - A
globalblock as defined below. - Identity
Application
Gateway Identity - An
identityblock as defined below. - Location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Link List<ApplicationConfigurations Gateway Private Link Configuration> - One or more
private_link_configurationblocks as defined below. - Probes
List<Application
Gateway Probe> - One or more
probeblocks as defined below. - Redirect
Configurations List<ApplicationGateway Redirect Configuration> - One or more
redirect_configurationblocks as defined below. - Rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - Ssl
Certificates List<ApplicationGateway Ssl Certificate> - One or more
ssl_certificateblocks as defined below. - Ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - Ssl
Profiles List<ApplicationGateway Ssl Profile> - One or more
ssl_profileblocks as defined below. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> - One or more
trusted_client_certificateblocks as defined below. - Trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> - One or more
trusted_root_certificateblocks as defined below. - Url
Path List<ApplicationMaps Gateway Url Path Map> - One or more
url_path_mapblocks as defined below. - Waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - Zones List<string>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- Backend
Address []ApplicationPools Gateway Backend Address Pool Args - One or more
backend_address_poolblocks as defined below. - Backend
Http []ApplicationSettings Gateway Backend Http Setting Args - One or more
backend_http_settingsblocks as defined below. - Frontend
Ip []ApplicationConfigurations Gateway Frontend Ip Configuration Args - One or more
frontend_ip_configurationblocks as defined below. - Frontend
Ports []ApplicationGateway Frontend Port Args - One or more
frontend_portblocks as defined below. - Gateway
Ip []ApplicationConfigurations Gateway Gateway Ip Configuration Args - One or more
gateway_ip_configurationblocks as defined below. - Http
Listeners []ApplicationGateway Http Listener Args - One or more
http_listenerblocks as defined below. - Request
Routing []ApplicationRules Gateway Request Routing Rule Args - One or more
request_routing_ruleblocks as defined below. - Resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Sku
Application
Gateway Sku Args - A
skublock as defined below. - Authentication
Certificates []ApplicationGateway Authentication Certificate Args - One or more
authentication_certificateblocks as defined below. - Autoscale
Configuration ApplicationGateway Autoscale Configuration Args - An
autoscale_configurationblock as defined below. - Custom
Error []ApplicationConfigurations Gateway Custom Error Configuration Args - One or more
custom_error_configurationblocks as defined below. - Enable
Http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - Fips
Enabled bool - Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- Global
Application
Gateway Global Args - A
globalblock as defined below. - Identity
Application
Gateway Identity Args - An
identityblock as defined below. - Location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Link []ApplicationConfigurations Gateway Private Link Configuration Args - One or more
private_link_configurationblocks as defined below. - Probes
[]Application
Gateway Probe Args - One or more
probeblocks as defined below. - Redirect
Configurations []ApplicationGateway Redirect Configuration Args - One or more
redirect_configurationblocks as defined below. - Rewrite
Rule []ApplicationSets Gateway Rewrite Rule Set Args - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - Ssl
Certificates []ApplicationGateway Ssl Certificate Args - One or more
ssl_certificateblocks as defined below. - Ssl
Policy ApplicationGateway Ssl Policy Args - a
ssl_policyblock as defined below. - Ssl
Profiles []ApplicationGateway Ssl Profile Args - One or more
ssl_profileblocks as defined below. - map[string]string
- A mapping of tags to assign to the resource.
- Trusted
Client []ApplicationCertificates Gateway Trusted Client Certificate Args - One or more
trusted_client_certificateblocks as defined below. - Trusted
Root []ApplicationCertificates Gateway Trusted Root Certificate Args - One or more
trusted_root_certificateblocks as defined below. - Url
Path []ApplicationMaps Gateway Url Path Map Args - One or more
url_path_mapblocks as defined below. - Waf
Configuration ApplicationGateway Waf Configuration Args - A
waf_configurationblock as defined below. - Zones []string
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- backend
Address List<ApplicationPools Gateway Backend Address Pool> - One or more
backend_address_poolblocks as defined below. - backend
Http List<ApplicationSettings Gateway Backend Http Setting> - One or more
backend_http_settingsblocks as defined below. - frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports List<ApplicationGateway Frontend Port> - One or more
frontend_portblocks as defined below. - gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> - One or more
gateway_ip_configurationblocks as defined below. - http
Listeners List<ApplicationGateway Http Listener> - One or more
http_listenerblocks as defined below. - request
Routing List<ApplicationRules Gateway Request Routing Rule> - One or more
request_routing_ruleblocks as defined below. - resource
Group StringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku - A
skublock as defined below. - authentication
Certificates List<ApplicationGateway Authentication Certificate> - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - enable
Http2 Boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled Boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId - The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- global
Application
Gateway Global - A
globalblock as defined below. - identity
Application
Gateway Identity - An
identityblock as defined below. - location String
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link List<ApplicationConfigurations Gateway Private Link Configuration> - One or more
private_link_configurationblocks as defined below. - probes
List<Application
Gateway Probe> - One or more
probeblocks as defined below. - redirect
Configurations List<ApplicationGateway Redirect Configuration> - One or more
redirect_configurationblocks as defined below. - rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - ssl
Certificates List<ApplicationGateway Ssl Certificate> - One or more
ssl_certificateblocks as defined below. - ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - ssl
Profiles List<ApplicationGateway Ssl Profile> - One or more
ssl_profileblocks as defined below. - Map<String,String>
- A mapping of tags to assign to the resource.
- trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> - One or more
trusted_client_certificateblocks as defined below. - trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> - One or more
trusted_root_certificateblocks as defined below. - url
Path List<ApplicationMaps Gateway Url Path Map> - One or more
url_path_mapblocks as defined below. - waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- backend
Address ApplicationPools Gateway Backend Address Pool[] - One or more
backend_address_poolblocks as defined below. - backend
Http ApplicationSettings Gateway Backend Http Setting[] - One or more
backend_http_settingsblocks as defined below. - frontend
Ip ApplicationConfigurations Gateway Frontend Ip Configuration[] - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports ApplicationGateway Frontend Port[] - One or more
frontend_portblocks as defined below. - gateway
Ip ApplicationConfigurations Gateway Gateway Ip Configuration[] - One or more
gateway_ip_configurationblocks as defined below. - http
Listeners ApplicationGateway Http Listener[] - One or more
http_listenerblocks as defined below. - request
Routing ApplicationRules Gateway Request Routing Rule[] - One or more
request_routing_ruleblocks as defined below. - resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku - A
skublock as defined below. - authentication
Certificates ApplicationGateway Authentication Certificate[] - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - custom
Error ApplicationConfigurations Gateway Custom Error Configuration[] - One or more
custom_error_configurationblocks as defined below. - enable
Http2 boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- force
Firewall booleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- global
Application
Gateway Global - A
globalblock as defined below. - identity
Application
Gateway Identity - An
identityblock as defined below. - location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link ApplicationConfigurations Gateway Private Link Configuration[] - One or more
private_link_configurationblocks as defined below. - probes
Application
Gateway Probe[] - One or more
probeblocks as defined below. - redirect
Configurations ApplicationGateway Redirect Configuration[] - One or more
redirect_configurationblocks as defined below. - rewrite
Rule ApplicationSets Gateway Rewrite Rule Set[] - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - ssl
Certificates ApplicationGateway Ssl Certificate[] - One or more
ssl_certificateblocks as defined below. - ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - ssl
Profiles ApplicationGateway Ssl Profile[] - One or more
ssl_profileblocks as defined below. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- trusted
Client ApplicationCertificates Gateway Trusted Client Certificate[] - One or more
trusted_client_certificateblocks as defined below. - trusted
Root ApplicationCertificates Gateway Trusted Root Certificate[] - One or more
trusted_root_certificateblocks as defined below. - url
Path ApplicationMaps Gateway Url Path Map[] - One or more
url_path_mapblocks as defined below. - waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - zones string[]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- backend_
address_ Sequence[Applicationpools Gateway Backend Address Pool Args] - One or more
backend_address_poolblocks as defined below. - backend_
http_ Sequence[Applicationsettings Gateway Backend Http Setting Args] - One or more
backend_http_settingsblocks as defined below. - frontend_
ip_ Sequence[Applicationconfigurations Gateway Frontend Ip Configuration Args] - One or more
frontend_ip_configurationblocks as defined below. - frontend_
ports Sequence[ApplicationGateway Frontend Port Args] - One or more
frontend_portblocks as defined below. - gateway_
ip_ Sequence[Applicationconfigurations Gateway Gateway Ip Configuration Args] - One or more
gateway_ip_configurationblocks as defined below. - http_
listeners Sequence[ApplicationGateway Http Listener Args] - One or more
http_listenerblocks as defined below. - request_
routing_ Sequence[Applicationrules Gateway Request Routing Rule Args] - One or more
request_routing_ruleblocks as defined below. - resource_
group_ strname - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku
Application
Gateway Sku Args - A
skublock as defined below. - authentication_
certificates Sequence[ApplicationGateway Authentication Certificate Args] - One or more
authentication_certificateblocks as defined below. - autoscale_
configuration ApplicationGateway Autoscale Configuration Args - An
autoscale_configurationblock as defined below. - custom_
error_ Sequence[Applicationconfigurations Gateway Custom Error Configuration Args] - One or more
custom_error_configurationblocks as defined below. - enable_
http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips_
enabled bool - Is FIPS enabled on the Application Gateway?
- firewall_
policy_ strid - The ID of the Web Application Firewall Policy.
- force_
firewall_ boolpolicy_ association - Is the Firewall Policy associated with the Application Gateway?
- global_
Application
Gateway Global Args - A
globalblock as defined below. - identity
Application
Gateway Identity Args - An
identityblock as defined below. - location str
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name str
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private_
link_ Sequence[Applicationconfigurations Gateway Private Link Configuration Args] - One or more
private_link_configurationblocks as defined below. - probes
Sequence[Application
Gateway Probe Args] - One or more
probeblocks as defined below. - redirect_
configurations Sequence[ApplicationGateway Redirect Configuration Args] - One or more
redirect_configurationblocks as defined below. - rewrite_
rule_ Sequence[Applicationsets Gateway Rewrite Rule Set Args] - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - ssl_
certificates Sequence[ApplicationGateway Ssl Certificate Args] - One or more
ssl_certificateblocks as defined below. - ssl_
policy ApplicationGateway Ssl Policy Args - a
ssl_policyblock as defined below. - ssl_
profiles Sequence[ApplicationGateway Ssl Profile Args] - One or more
ssl_profileblocks as defined below. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- trusted_
client_ Sequence[Applicationcertificates Gateway Trusted Client Certificate Args] - One or more
trusted_client_certificateblocks as defined below. - trusted_
root_ Sequence[Applicationcertificates Gateway Trusted Root Certificate Args] - One or more
trusted_root_certificateblocks as defined below. - url_
path_ Sequence[Applicationmaps Gateway Url Path Map Args] - One or more
url_path_mapblocks as defined below. - waf_
configuration ApplicationGateway Waf Configuration Args - A
waf_configurationblock as defined below. - zones Sequence[str]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- backend
Address List<Property Map>Pools - One or more
backend_address_poolblocks as defined below. - backend
Http List<Property Map>Settings - One or more
backend_http_settingsblocks as defined below. - frontend
Ip List<Property Map>Configurations - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports List<Property Map> - One or more
frontend_portblocks as defined below. - gateway
Ip List<Property Map>Configurations - One or more
gateway_ip_configurationblocks as defined below. - http
Listeners List<Property Map> - One or more
http_listenerblocks as defined below. - request
Routing List<Property Map>Rules - One or more
request_routing_ruleblocks as defined below. - resource
Group StringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- sku Property Map
- A
skublock as defined below. - authentication
Certificates List<Property Map> - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration Property Map - An
autoscale_configurationblock as defined below. - custom
Error List<Property Map>Configurations - One or more
custom_error_configurationblocks as defined below. - enable
Http2 Boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled Boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId - The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- global Property Map
- A
globalblock as defined below. - identity Property Map
- An
identityblock as defined below. - location String
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Link List<Property Map>Configurations - One or more
private_link_configurationblocks as defined below. - probes List<Property Map>
- One or more
probeblocks as defined below. - redirect
Configurations List<Property Map> - One or more
redirect_configurationblocks as defined below. - rewrite
Rule List<Property Map>Sets - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - ssl
Certificates List<Property Map> - One or more
ssl_certificateblocks as defined below. - ssl
Policy Property Map - a
ssl_policyblock as defined below. - ssl
Profiles List<Property Map> - One or more
ssl_profileblocks as defined below. - Map<String>
- A mapping of tags to assign to the resource.
- trusted
Client List<Property Map>Certificates - One or more
trusted_client_certificateblocks as defined below. - trusted
Root List<Property Map>Certificates - One or more
trusted_root_certificateblocks as defined below. - url
Path List<Property Map>Maps - One or more
url_path_mapblocks as defined below. - waf
Configuration Property Map - A
waf_configurationblock as defined below. - zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
Outputs
All input properties are implicitly available as output properties. Additionally, the ApplicationGateway resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> - A list of
private_endpoint_connectionblocks as defined below.
- Id string
- The provider-assigned unique ID for this managed resource.
- Private
Endpoint []ApplicationConnections Gateway Private Endpoint Connection - A list of
private_endpoint_connectionblocks as defined below.
- id String
- The provider-assigned unique ID for this managed resource.
- private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> - A list of
private_endpoint_connectionblocks as defined below.
- id string
- The provider-assigned unique ID for this managed resource.
- private
Endpoint ApplicationConnections Gateway Private Endpoint Connection[] - A list of
private_endpoint_connectionblocks as defined below.
- id str
- The provider-assigned unique ID for this managed resource.
- private_
endpoint_ Sequence[Applicationconnections Gateway Private Endpoint Connection] - A list of
private_endpoint_connectionblocks as defined below.
- id String
- The provider-assigned unique ID for this managed resource.
- private
Endpoint List<Property Map>Connections - A list of
private_endpoint_connectionblocks as defined below.
Look up Existing ApplicationGateway Resource
Get an existing ApplicationGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ApplicationGatewayState, opts?: CustomResourceOptions): ApplicationGateway@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication_certificates: Optional[Sequence[ApplicationGatewayAuthenticationCertificateArgs]] = None,
autoscale_configuration: Optional[ApplicationGatewayAutoscaleConfigurationArgs] = None,
backend_address_pools: Optional[Sequence[ApplicationGatewayBackendAddressPoolArgs]] = None,
backend_http_settings: Optional[Sequence[ApplicationGatewayBackendHttpSettingArgs]] = None,
custom_error_configurations: Optional[Sequence[ApplicationGatewayCustomErrorConfigurationArgs]] = None,
enable_http2: Optional[bool] = None,
fips_enabled: Optional[bool] = None,
firewall_policy_id: Optional[str] = None,
force_firewall_policy_association: Optional[bool] = None,
frontend_ip_configurations: Optional[Sequence[ApplicationGatewayFrontendIpConfigurationArgs]] = None,
frontend_ports: Optional[Sequence[ApplicationGatewayFrontendPortArgs]] = None,
gateway_ip_configurations: Optional[Sequence[ApplicationGatewayGatewayIpConfigurationArgs]] = None,
global_: Optional[ApplicationGatewayGlobalArgs] = None,
http_listeners: Optional[Sequence[ApplicationGatewayHttpListenerArgs]] = None,
identity: Optional[ApplicationGatewayIdentityArgs] = None,
location: Optional[str] = None,
name: Optional[str] = None,
private_endpoint_connections: Optional[Sequence[ApplicationGatewayPrivateEndpointConnectionArgs]] = None,
private_link_configurations: Optional[Sequence[ApplicationGatewayPrivateLinkConfigurationArgs]] = None,
probes: Optional[Sequence[ApplicationGatewayProbeArgs]] = None,
redirect_configurations: Optional[Sequence[ApplicationGatewayRedirectConfigurationArgs]] = None,
request_routing_rules: Optional[Sequence[ApplicationGatewayRequestRoutingRuleArgs]] = None,
resource_group_name: Optional[str] = None,
rewrite_rule_sets: Optional[Sequence[ApplicationGatewayRewriteRuleSetArgs]] = None,
sku: Optional[ApplicationGatewaySkuArgs] = None,
ssl_certificates: Optional[Sequence[ApplicationGatewaySslCertificateArgs]] = None,
ssl_policy: Optional[ApplicationGatewaySslPolicyArgs] = None,
ssl_profiles: Optional[Sequence[ApplicationGatewaySslProfileArgs]] = None,
tags: Optional[Mapping[str, str]] = None,
trusted_client_certificates: Optional[Sequence[ApplicationGatewayTrustedClientCertificateArgs]] = None,
trusted_root_certificates: Optional[Sequence[ApplicationGatewayTrustedRootCertificateArgs]] = None,
url_path_maps: Optional[Sequence[ApplicationGatewayUrlPathMapArgs]] = None,
waf_configuration: Optional[ApplicationGatewayWafConfigurationArgs] = None,
zones: Optional[Sequence[str]] = None) -> ApplicationGatewayfunc GetApplicationGateway(ctx *Context, name string, id IDInput, state *ApplicationGatewayState, opts ...ResourceOption) (*ApplicationGateway, error)public static ApplicationGateway Get(string name, Input<string> id, ApplicationGatewayState? state, CustomResourceOptions? opts = null)public static ApplicationGateway get(String name, Output<String> id, ApplicationGatewayState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Authentication
Certificates List<ApplicationGateway Authentication Certificate> - One or more
authentication_certificateblocks as defined below. - Autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - Backend
Address List<ApplicationPools Gateway Backend Address Pool> - One or more
backend_address_poolblocks as defined below. - Backend
Http List<ApplicationSettings Gateway Backend Http Setting> - One or more
backend_http_settingsblocks as defined below. - Custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - Enable
Http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - Fips
Enabled bool - Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- Frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> - One or more
frontend_ip_configurationblocks as defined below. - Frontend
Ports List<ApplicationGateway Frontend Port> - One or more
frontend_portblocks as defined below. - Gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> - One or more
gateway_ip_configurationblocks as defined below. - Global
Application
Gateway Global - A
globalblock as defined below. - Http
Listeners List<ApplicationGateway Http Listener> - One or more
http_listenerblocks as defined below. - Identity
Application
Gateway Identity - An
identityblock as defined below. - Location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> - A list of
private_endpoint_connectionblocks as defined below. - Private
Link List<ApplicationConfigurations Gateway Private Link Configuration> - One or more
private_link_configurationblocks as defined below. - Probes
List<Application
Gateway Probe> - One or more
probeblocks as defined below. - Redirect
Configurations List<ApplicationGateway Redirect Configuration> - One or more
redirect_configurationblocks as defined below. - Request
Routing List<ApplicationRules Gateway Request Routing Rule> - One or more
request_routing_ruleblocks as defined below. - Resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - Sku
Application
Gateway Sku - A
skublock as defined below. - Ssl
Certificates List<ApplicationGateway Ssl Certificate> - One or more
ssl_certificateblocks as defined below. - Ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - Ssl
Profiles List<ApplicationGateway Ssl Profile> - One or more
ssl_profileblocks as defined below. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> - One or more
trusted_client_certificateblocks as defined below. - Trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> - One or more
trusted_root_certificateblocks as defined below. - Url
Path List<ApplicationMaps Gateway Url Path Map> - One or more
url_path_mapblocks as defined below. - Waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - Zones List<string>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- Authentication
Certificates []ApplicationGateway Authentication Certificate Args - One or more
authentication_certificateblocks as defined below. - Autoscale
Configuration ApplicationGateway Autoscale Configuration Args - An
autoscale_configurationblock as defined below. - Backend
Address []ApplicationPools Gateway Backend Address Pool Args - One or more
backend_address_poolblocks as defined below. - Backend
Http []ApplicationSettings Gateway Backend Http Setting Args - One or more
backend_http_settingsblocks as defined below. - Custom
Error []ApplicationConfigurations Gateway Custom Error Configuration Args - One or more
custom_error_configurationblocks as defined below. - Enable
Http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - Fips
Enabled bool - Is FIPS enabled on the Application Gateway?
- Firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- Force
Firewall boolPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- Frontend
Ip []ApplicationConfigurations Gateway Frontend Ip Configuration Args - One or more
frontend_ip_configurationblocks as defined below. - Frontend
Ports []ApplicationGateway Frontend Port Args - One or more
frontend_portblocks as defined below. - Gateway
Ip []ApplicationConfigurations Gateway Gateway Ip Configuration Args - One or more
gateway_ip_configurationblocks as defined below. - Global
Application
Gateway Global Args - A
globalblock as defined below. - Http
Listeners []ApplicationGateway Http Listener Args - One or more
http_listenerblocks as defined below. - Identity
Application
Gateway Identity Args - An
identityblock as defined below. - Location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- Name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- Private
Endpoint []ApplicationConnections Gateway Private Endpoint Connection Args - A list of
private_endpoint_connectionblocks as defined below. - Private
Link []ApplicationConfigurations Gateway Private Link Configuration Args - One or more
private_link_configurationblocks as defined below. - Probes
[]Application
Gateway Probe Args - One or more
probeblocks as defined below. - Redirect
Configurations []ApplicationGateway Redirect Configuration Args - One or more
redirect_configurationblocks as defined below. - Request
Routing []ApplicationRules Gateway Request Routing Rule Args - One or more
request_routing_ruleblocks as defined below. - Resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- Rewrite
Rule []ApplicationSets Gateway Rewrite Rule Set Args - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - Sku
Application
Gateway Sku Args - A
skublock as defined below. - Ssl
Certificates []ApplicationGateway Ssl Certificate Args - One or more
ssl_certificateblocks as defined below. - Ssl
Policy ApplicationGateway Ssl Policy Args - a
ssl_policyblock as defined below. - Ssl
Profiles []ApplicationGateway Ssl Profile Args - One or more
ssl_profileblocks as defined below. - map[string]string
- A mapping of tags to assign to the resource.
- Trusted
Client []ApplicationCertificates Gateway Trusted Client Certificate Args - One or more
trusted_client_certificateblocks as defined below. - Trusted
Root []ApplicationCertificates Gateway Trusted Root Certificate Args - One or more
trusted_root_certificateblocks as defined below. - Url
Path []ApplicationMaps Gateway Url Path Map Args - One or more
url_path_mapblocks as defined below. - Waf
Configuration ApplicationGateway Waf Configuration Args - A
waf_configurationblock as defined below. - Zones []string
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- authentication
Certificates List<ApplicationGateway Authentication Certificate> - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - backend
Address List<ApplicationPools Gateway Backend Address Pool> - One or more
backend_address_poolblocks as defined below. - backend
Http List<ApplicationSettings Gateway Backend Http Setting> - One or more
backend_http_settingsblocks as defined below. - custom
Error List<ApplicationConfigurations Gateway Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - enable
Http2 Boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled Boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId - The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip List<ApplicationConfigurations Gateway Frontend Ip Configuration> - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports List<ApplicationGateway Frontend Port> - One or more
frontend_portblocks as defined below. - gateway
Ip List<ApplicationConfigurations Gateway Gateway Ip Configuration> - One or more
gateway_ip_configurationblocks as defined below. - global
Application
Gateway Global - A
globalblock as defined below. - http
Listeners List<ApplicationGateway Http Listener> - One or more
http_listenerblocks as defined below. - identity
Application
Gateway Identity - An
identityblock as defined below. - location String
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint List<ApplicationConnections Gateway Private Endpoint Connection> - A list of
private_endpoint_connectionblocks as defined below. - private
Link List<ApplicationConfigurations Gateway Private Link Configuration> - One or more
private_link_configurationblocks as defined below. - probes
List<Application
Gateway Probe> - One or more
probeblocks as defined below. - redirect
Configurations List<ApplicationGateway Redirect Configuration> - One or more
redirect_configurationblocks as defined below. - request
Routing List<ApplicationRules Gateway Request Routing Rule> - One or more
request_routing_ruleblocks as defined below. - resource
Group StringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule List<ApplicationSets Gateway Rewrite Rule Set> - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - sku
Application
Gateway Sku - A
skublock as defined below. - ssl
Certificates List<ApplicationGateway Ssl Certificate> - One or more
ssl_certificateblocks as defined below. - ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - ssl
Profiles List<ApplicationGateway Ssl Profile> - One or more
ssl_profileblocks as defined below. - Map<String,String>
- A mapping of tags to assign to the resource.
- trusted
Client List<ApplicationCertificates Gateway Trusted Client Certificate> - One or more
trusted_client_certificateblocks as defined below. - trusted
Root List<ApplicationCertificates Gateway Trusted Root Certificate> - One or more
trusted_root_certificateblocks as defined below. - url
Path List<ApplicationMaps Gateway Url Path Map> - One or more
url_path_mapblocks as defined below. - waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- authentication
Certificates ApplicationGateway Authentication Certificate[] - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration ApplicationGateway Autoscale Configuration - An
autoscale_configurationblock as defined below. - backend
Address ApplicationPools Gateway Backend Address Pool[] - One or more
backend_address_poolblocks as defined below. - backend
Http ApplicationSettings Gateway Backend Http Setting[] - One or more
backend_http_settingsblocks as defined below. - custom
Error ApplicationConfigurations Gateway Custom Error Configuration[] - One or more
custom_error_configurationblocks as defined below. - enable
Http2 boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy stringId - The ID of the Web Application Firewall Policy.
- force
Firewall booleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip ApplicationConfigurations Gateway Frontend Ip Configuration[] - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports ApplicationGateway Frontend Port[] - One or more
frontend_portblocks as defined below. - gateway
Ip ApplicationConfigurations Gateway Gateway Ip Configuration[] - One or more
gateway_ip_configurationblocks as defined below. - global
Application
Gateway Global - A
globalblock as defined below. - http
Listeners ApplicationGateway Http Listener[] - One or more
http_listenerblocks as defined below. - identity
Application
Gateway Identity - An
identityblock as defined below. - location string
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name string
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint ApplicationConnections Gateway Private Endpoint Connection[] - A list of
private_endpoint_connectionblocks as defined below. - private
Link ApplicationConfigurations Gateway Private Link Configuration[] - One or more
private_link_configurationblocks as defined below. - probes
Application
Gateway Probe[] - One or more
probeblocks as defined below. - redirect
Configurations ApplicationGateway Redirect Configuration[] - One or more
redirect_configurationblocks as defined below. - request
Routing ApplicationRules Gateway Request Routing Rule[] - One or more
request_routing_ruleblocks as defined below. - resource
Group stringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule ApplicationSets Gateway Rewrite Rule Set[] - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - sku
Application
Gateway Sku - A
skublock as defined below. - ssl
Certificates ApplicationGateway Ssl Certificate[] - One or more
ssl_certificateblocks as defined below. - ssl
Policy ApplicationGateway Ssl Policy - a
ssl_policyblock as defined below. - ssl
Profiles ApplicationGateway Ssl Profile[] - One or more
ssl_profileblocks as defined below. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- trusted
Client ApplicationCertificates Gateway Trusted Client Certificate[] - One or more
trusted_client_certificateblocks as defined below. - trusted
Root ApplicationCertificates Gateway Trusted Root Certificate[] - One or more
trusted_root_certificateblocks as defined below. - url
Path ApplicationMaps Gateway Url Path Map[] - One or more
url_path_mapblocks as defined below. - waf
Configuration ApplicationGateway Waf Configuration - A
waf_configurationblock as defined below. - zones string[]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- authentication_
certificates Sequence[ApplicationGateway Authentication Certificate Args] - One or more
authentication_certificateblocks as defined below. - autoscale_
configuration ApplicationGateway Autoscale Configuration Args - An
autoscale_configurationblock as defined below. - backend_
address_ Sequence[Applicationpools Gateway Backend Address Pool Args] - One or more
backend_address_poolblocks as defined below. - backend_
http_ Sequence[Applicationsettings Gateway Backend Http Setting Args] - One or more
backend_http_settingsblocks as defined below. - custom_
error_ Sequence[Applicationconfigurations Gateway Custom Error Configuration Args] - One or more
custom_error_configurationblocks as defined below. - enable_
http2 bool - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips_
enabled bool - Is FIPS enabled on the Application Gateway?
- firewall_
policy_ strid - The ID of the Web Application Firewall Policy.
- force_
firewall_ boolpolicy_ association - Is the Firewall Policy associated with the Application Gateway?
- frontend_
ip_ Sequence[Applicationconfigurations Gateway Frontend Ip Configuration Args] - One or more
frontend_ip_configurationblocks as defined below. - frontend_
ports Sequence[ApplicationGateway Frontend Port Args] - One or more
frontend_portblocks as defined below. - gateway_
ip_ Sequence[Applicationconfigurations Gateway Gateway Ip Configuration Args] - One or more
gateway_ip_configurationblocks as defined below. - global_
Application
Gateway Global Args - A
globalblock as defined below. - http_
listeners Sequence[ApplicationGateway Http Listener Args] - One or more
http_listenerblocks as defined below. - identity
Application
Gateway Identity Args - An
identityblock as defined below. - location str
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name str
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private_
endpoint_ Sequence[Applicationconnections Gateway Private Endpoint Connection Args] - A list of
private_endpoint_connectionblocks as defined below. - private_
link_ Sequence[Applicationconfigurations Gateway Private Link Configuration Args] - One or more
private_link_configurationblocks as defined below. - probes
Sequence[Application
Gateway Probe Args] - One or more
probeblocks as defined below. - redirect_
configurations Sequence[ApplicationGateway Redirect Configuration Args] - One or more
redirect_configurationblocks as defined below. - request_
routing_ Sequence[Applicationrules Gateway Request Routing Rule Args] - One or more
request_routing_ruleblocks as defined below. - resource_
group_ strname - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite_
rule_ Sequence[Applicationsets Gateway Rewrite Rule Set Args] - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - sku
Application
Gateway Sku Args - A
skublock as defined below. - ssl_
certificates Sequence[ApplicationGateway Ssl Certificate Args] - One or more
ssl_certificateblocks as defined below. - ssl_
policy ApplicationGateway Ssl Policy Args - a
ssl_policyblock as defined below. - ssl_
profiles Sequence[ApplicationGateway Ssl Profile Args] - One or more
ssl_profileblocks as defined below. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- trusted_
client_ Sequence[Applicationcertificates Gateway Trusted Client Certificate Args] - One or more
trusted_client_certificateblocks as defined below. - trusted_
root_ Sequence[Applicationcertificates Gateway Trusted Root Certificate Args] - One or more
trusted_root_certificateblocks as defined below. - url_
path_ Sequence[Applicationmaps Gateway Url Path Map Args] - One or more
url_path_mapblocks as defined below. - waf_
configuration ApplicationGateway Waf Configuration Args - A
waf_configurationblock as defined below. - zones Sequence[str]
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
- authentication
Certificates List<Property Map> - One or more
authentication_certificateblocks as defined below. - autoscale
Configuration Property Map - An
autoscale_configurationblock as defined below. - backend
Address List<Property Map>Pools - One or more
backend_address_poolblocks as defined below. - backend
Http List<Property Map>Settings - One or more
backend_http_settingsblocks as defined below. - custom
Error List<Property Map>Configurations - One or more
custom_error_configurationblocks as defined below. - enable
Http2 Boolean - Is HTTP2 enabled on the application gateway resource? Defaults to
false. - fips
Enabled Boolean - Is FIPS enabled on the Application Gateway?
- firewall
Policy StringId - The ID of the Web Application Firewall Policy.
- force
Firewall BooleanPolicy Association - Is the Firewall Policy associated with the Application Gateway?
- frontend
Ip List<Property Map>Configurations - One or more
frontend_ip_configurationblocks as defined below. - frontend
Ports List<Property Map> - One or more
frontend_portblocks as defined below. - gateway
Ip List<Property Map>Configurations - One or more
gateway_ip_configurationblocks as defined below. - global Property Map
- A
globalblock as defined below. - http
Listeners List<Property Map> - One or more
http_listenerblocks as defined below. - identity Property Map
- An
identityblock as defined below. - location String
- The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created.
- name String
- The name of the Application Gateway. Changing this forces a new resource to be created.
- private
Endpoint List<Property Map>Connections - A list of
private_endpoint_connectionblocks as defined below. - private
Link List<Property Map>Configurations - One or more
private_link_configurationblocks as defined below. - probes List<Property Map>
- One or more
probeblocks as defined below. - redirect
Configurations List<Property Map> - One or more
redirect_configurationblocks as defined below. - request
Routing List<Property Map>Rules - One or more
request_routing_ruleblocks as defined below. - resource
Group StringName - The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created.
- rewrite
Rule List<Property Map>Sets - One or more
rewrite_rule_setblocks as defined below. Only valid for v2 SKUs. - sku Property Map
- A
skublock as defined below. - ssl
Certificates List<Property Map> - One or more
ssl_certificateblocks as defined below. - ssl
Policy Property Map - a
ssl_policyblock as defined below. - ssl
Profiles List<Property Map> - One or more
ssl_profileblocks as defined below. - Map<String>
- A mapping of tags to assign to the resource.
- trusted
Client List<Property Map>Certificates - One or more
trusted_client_certificateblocks as defined below. - trusted
Root List<Property Map>Certificates - One or more
trusted_root_certificateblocks as defined below. - url
Path List<Property Map>Maps - One or more
url_path_mapblocks as defined below. - waf
Configuration Property Map - A
waf_configurationblock as defined below. - zones List<String>
Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created.
Please Note: Availability Zones are not supported in all regions at this time, please check the official documentation for more information. They are also only supported for v2 SKUs
Supporting Types
ApplicationGatewayAuthenticationCertificate, ApplicationGatewayAuthenticationCertificateArgs
ApplicationGatewayAutoscaleConfiguration, ApplicationGatewayAutoscaleConfigurationArgs
- Min
Capacity int - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - Max
Capacity int - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
- Min
Capacity int - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - Max
Capacity int - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
- min
Capacity Integer - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - max
Capacity Integer - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
- min
Capacity number - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - max
Capacity number - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
- min_
capacity int - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - max_
capacity int - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
- min
Capacity Number - Minimum capacity for autoscaling. Accepted values are in the range
0to100. - max
Capacity Number - Maximum capacity for autoscaling. Accepted values are in the range
2to125.
ApplicationGatewayBackendAddressPool, ApplicationGatewayBackendAddressPoolArgs
- Name string
- The name of the Backend Address Pool.
- Fqdns List<string>
- A list of FQDN's which should be part of the Backend Address Pool.
- Id string
- The ID of the Rewrite Rule Set
- Ip
Addresses List<string> - A list of IP Addresses which should be part of the Backend Address Pool.
- Name string
- The name of the Backend Address Pool.
- Fqdns []string
- A list of FQDN's which should be part of the Backend Address Pool.
- Id string
- The ID of the Rewrite Rule Set
- Ip
Addresses []string - A list of IP Addresses which should be part of the Backend Address Pool.
- name String
- The name of the Backend Address Pool.
- fqdns List<String>
- A list of FQDN's which should be part of the Backend Address Pool.
- id String
- The ID of the Rewrite Rule Set
- ip
Addresses List<String> - A list of IP Addresses which should be part of the Backend Address Pool.
- name string
- The name of the Backend Address Pool.
- fqdns string[]
- A list of FQDN's which should be part of the Backend Address Pool.
- id string
- The ID of the Rewrite Rule Set
- ip
Addresses string[] - A list of IP Addresses which should be part of the Backend Address Pool.
- name str
- The name of the Backend Address Pool.
- fqdns Sequence[str]
- A list of FQDN's which should be part of the Backend Address Pool.
- id str
- The ID of the Rewrite Rule Set
- ip_
addresses Sequence[str] - A list of IP Addresses which should be part of the Backend Address Pool.
- name String
- The name of the Backend Address Pool.
- fqdns List<String>
- A list of FQDN's which should be part of the Backend Address Pool.
- id String
- The ID of the Rewrite Rule Set
- ip
Addresses List<String> - A list of IP Addresses which should be part of the Backend Address Pool.
ApplicationGatewayBackendHttpSetting, ApplicationGatewayBackendHttpSettingArgs
- string
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - Name string
- The name of the Backend HTTP Settings Collection.
- Port int
- The port which should be used for this Backend HTTP Settings Collection.
- Protocol string
- The Protocol which should be used. Possible values are
HttpandHttps. - string
- The name of the affinity cookie.
- Authentication
Certificates List<ApplicationGateway Backend Http Setting Authentication Certificate> - One or more
authentication_certificate_backendblocks as defined below. - Connection
Draining ApplicationGateway Backend Http Setting Connection Draining - A
connection_drainingblock as defined below. - Host
Name string - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - Id string
- The ID of the Rewrite Rule Set
- Path string
- The Path which should be used as a prefix for all HTTP requests.
- Pick
Host boolName From Backend Address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - Probe
Id string - The ID of the associated Probe.
- Probe
Name string - The name of an associated HTTP Probe.
- Request
Timeout int - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - Trusted
Root List<string>Certificate Names - A list of
trusted_root_certificatenames.
- string
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - Name string
- The name of the Backend HTTP Settings Collection.
- Port int
- The port which should be used for this Backend HTTP Settings Collection.
- Protocol string
- The Protocol which should be used. Possible values are
HttpandHttps. - string
- The name of the affinity cookie.
- Authentication
Certificates []ApplicationGateway Backend Http Setting Authentication Certificate - One or more
authentication_certificate_backendblocks as defined below. - Connection
Draining ApplicationGateway Backend Http Setting Connection Draining - A
connection_drainingblock as defined below. - Host
Name string - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - Id string
- The ID of the Rewrite Rule Set
- Path string
- The Path which should be used as a prefix for all HTTP requests.
- Pick
Host boolName From Backend Address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - Probe
Id string - The ID of the associated Probe.
- Probe
Name string - The name of an associated HTTP Probe.
- Request
Timeout int - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - Trusted
Root []stringCertificate Names - A list of
trusted_root_certificatenames.
- String
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - name String
- The name of the Backend HTTP Settings Collection.
- port Integer
- The port which should be used for this Backend HTTP Settings Collection.
- protocol String
- The Protocol which should be used. Possible values are
HttpandHttps. - String
- The name of the affinity cookie.
- authentication
Certificates List<ApplicationGateway Backend Http Setting Authentication Certificate> - One or more
authentication_certificate_backendblocks as defined below. - connection
Draining ApplicationGateway Backend Http Setting Connection Draining - A
connection_drainingblock as defined below. - host
Name String - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - id String
- The ID of the Rewrite Rule Set
- path String
- The Path which should be used as a prefix for all HTTP requests.
- pick
Host BooleanName From Backend Address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - probe
Id String - The ID of the associated Probe.
- probe
Name String - The name of an associated HTTP Probe.
- request
Timeout Integer - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - trusted
Root List<String>Certificate Names - A list of
trusted_root_certificatenames.
- string
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - name string
- The name of the Backend HTTP Settings Collection.
- port number
- The port which should be used for this Backend HTTP Settings Collection.
- protocol string
- The Protocol which should be used. Possible values are
HttpandHttps. - string
- The name of the affinity cookie.
- authentication
Certificates ApplicationGateway Backend Http Setting Authentication Certificate[] - One or more
authentication_certificate_backendblocks as defined below. - connection
Draining ApplicationGateway Backend Http Setting Connection Draining - A
connection_drainingblock as defined below. - host
Name string - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - id string
- The ID of the Rewrite Rule Set
- path string
- The Path which should be used as a prefix for all HTTP requests.
- pick
Host booleanName From Backend Address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - probe
Id string - The ID of the associated Probe.
- probe
Name string - The name of an associated HTTP Probe.
- request
Timeout number - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - trusted
Root string[]Certificate Names - A list of
trusted_root_certificatenames.
- str
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - name str
- The name of the Backend HTTP Settings Collection.
- port int
- The port which should be used for this Backend HTTP Settings Collection.
- protocol str
- The Protocol which should be used. Possible values are
HttpandHttps. - str
- The name of the affinity cookie.
- authentication_
certificates Sequence[ApplicationGateway Backend Http Setting Authentication Certificate] - One or more
authentication_certificate_backendblocks as defined below. - connection_
draining ApplicationGateway Backend Http Setting Connection Draining - A
connection_drainingblock as defined below. - host_
name str - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - id str
- The ID of the Rewrite Rule Set
- path str
- The Path which should be used as a prefix for all HTTP requests.
- pick_
host_ boolname_ from_ backend_ address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - probe_
id str - The ID of the associated Probe.
- probe_
name str - The name of an associated HTTP Probe.
- request_
timeout int - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - trusted_
root_ Sequence[str]certificate_ names - A list of
trusted_root_certificatenames.
- String
- Is Cookie-Based Affinity enabled? Possible values are
EnabledandDisabled. - name String
- The name of the Backend HTTP Settings Collection.
- port Number
- The port which should be used for this Backend HTTP Settings Collection.
- protocol String
- The Protocol which should be used. Possible values are
HttpandHttps. - String
- The name of the affinity cookie.
- authentication
Certificates List<Property Map> - One or more
authentication_certificate_backendblocks as defined below. - connection
Draining Property Map - A
connection_drainingblock as defined below. - host
Name String - Host header to be sent to the backend servers. Cannot be set if
pick_host_name_from_backend_addressis set totrue. - id String
- The ID of the Rewrite Rule Set
- path String
- The Path which should be used as a prefix for all HTTP requests.
- pick
Host BooleanName From Backend Address - Whether host header should be picked from the host name of the backend server. Defaults to
false. - probe
Id String - The ID of the associated Probe.
- probe
Name String - The name of an associated HTTP Probe.
- request
Timeout Number - The request timeout in seconds, which must be between 1 and 86400 seconds. Defaults to
30. - trusted
Root List<String>Certificate Names - A list of
trusted_root_certificatenames.
ApplicationGatewayBackendHttpSettingAuthenticationCertificate, ApplicationGatewayBackendHttpSettingAuthenticationCertificateArgs
ApplicationGatewayBackendHttpSettingConnectionDraining, ApplicationGatewayBackendHttpSettingConnectionDrainingArgs
- Drain
Timeout intSec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - Enabled bool
- If connection draining is enabled or not.
- Drain
Timeout intSec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - Enabled bool
- If connection draining is enabled or not.
- drain
Timeout IntegerSec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - enabled Boolean
- If connection draining is enabled or not.
- drain
Timeout numberSec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - enabled boolean
- If connection draining is enabled or not.
- drain_
timeout_ intsec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - enabled bool
- If connection draining is enabled or not.
- drain
Timeout NumberSec - The number of seconds connection draining is active. Acceptable values are from
1second to3600seconds. - enabled Boolean
- If connection draining is enabled or not.
ApplicationGatewayCustomErrorConfiguration, ApplicationGatewayCustomErrorConfigurationArgs
- Custom
Error stringPage Url - Error page URL of the application gateway customer error.
- Status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - Id string
- The ID of the Rewrite Rule Set
- Custom
Error stringPage Url - Error page URL of the application gateway customer error.
- Status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - Id string
- The ID of the Rewrite Rule Set
- custom
Error StringPage Url - Error page URL of the application gateway customer error.
- status
Code String - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id String
- The ID of the Rewrite Rule Set
- custom
Error stringPage Url - Error page URL of the application gateway customer error.
- status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id string
- The ID of the Rewrite Rule Set
- custom_
error_ strpage_ url - Error page URL of the application gateway customer error.
- status_
code str - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id str
- The ID of the Rewrite Rule Set
- custom
Error StringPage Url - Error page URL of the application gateway customer error.
- status
Code String - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id String
- The ID of the Rewrite Rule Set
ApplicationGatewayFrontendIpConfiguration, ApplicationGatewayFrontendIpConfigurationArgs
- Name string
- The name of the Frontend IP Configuration.
- Id string
- The ID of the Rewrite Rule Set
- Private
Ip stringAddress - The Private IP Address to use for the Application Gateway.
- Private
Ip stringAddress Allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - Private
Link stringConfiguration Id - The ID of the associated private link configuration.
- Private
Link stringConfiguration Name - The name of the private link configuration to use for this frontend IP configuration.
- Public
Ip stringAddress Id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - Subnet
Id string - The ID of the Subnet.
- Name string
- The name of the Frontend IP Configuration.
- Id string
- The ID of the Rewrite Rule Set
- Private
Ip stringAddress - The Private IP Address to use for the Application Gateway.
- Private
Ip stringAddress Allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - Private
Link stringConfiguration Id - The ID of the associated private link configuration.
- Private
Link stringConfiguration Name - The name of the private link configuration to use for this frontend IP configuration.
- Public
Ip stringAddress Id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - Subnet
Id string - The ID of the Subnet.
- name String
- The name of the Frontend IP Configuration.
- id String
- The ID of the Rewrite Rule Set
- private
Ip StringAddress - The Private IP Address to use for the Application Gateway.
- private
Ip StringAddress Allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - private
Link StringConfiguration Id - The ID of the associated private link configuration.
- private
Link StringConfiguration Name - The name of the private link configuration to use for this frontend IP configuration.
- public
Ip StringAddress Id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - subnet
Id String - The ID of the Subnet.
- name string
- The name of the Frontend IP Configuration.
- id string
- The ID of the Rewrite Rule Set
- private
Ip stringAddress - The Private IP Address to use for the Application Gateway.
- private
Ip stringAddress Allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - private
Link stringConfiguration Id - The ID of the associated private link configuration.
- private
Link stringConfiguration Name - The name of the private link configuration to use for this frontend IP configuration.
- public
Ip stringAddress Id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - subnet
Id string - The ID of the Subnet.
- name str
- The name of the Frontend IP Configuration.
- id str
- The ID of the Rewrite Rule Set
- private_
ip_ straddress - The Private IP Address to use for the Application Gateway.
- private_
ip_ straddress_ allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - private_
link_ strconfiguration_ id - The ID of the associated private link configuration.
- private_
link_ strconfiguration_ name - The name of the private link configuration to use for this frontend IP configuration.
- public_
ip_ straddress_ id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - subnet_
id str - The ID of the Subnet.
- name String
- The name of the Frontend IP Configuration.
- id String
- The ID of the Rewrite Rule Set
- private
Ip StringAddress - The Private IP Address to use for the Application Gateway.
- private
Ip StringAddress Allocation - The Allocation Method for the Private IP Address. Possible values are
DynamicandStatic. Defaults toDynamic. - private
Link StringConfiguration Id - The ID of the associated private link configuration.
- private
Link StringConfiguration Name - The name of the private link configuration to use for this frontend IP configuration.
- public
Ip StringAddress Id - The ID of a Public IP Address which the Application Gateway should use. The allocation method for the Public IP Address depends on the
skuof this Application Gateway. Please refer to the Azure documentation for public IP addresses for details. - subnet
Id String - The ID of the Subnet.
ApplicationGatewayFrontendPort, ApplicationGatewayFrontendPortArgs
ApplicationGatewayGatewayIpConfiguration, ApplicationGatewayGatewayIpConfigurationArgs
ApplicationGatewayGlobal, ApplicationGatewayGlobalArgs
- Request
Buffering boolEnabled - Whether Application Gateway's Request buffer is enabled.
- Response
Buffering boolEnabled - Whether Application Gateway's Response buffer is enabled.
- Request
Buffering boolEnabled - Whether Application Gateway's Request buffer is enabled.
- Response
Buffering boolEnabled - Whether Application Gateway's Response buffer is enabled.
- request
Buffering BooleanEnabled - Whether Application Gateway's Request buffer is enabled.
- response
Buffering BooleanEnabled - Whether Application Gateway's Response buffer is enabled.
- request
Buffering booleanEnabled - Whether Application Gateway's Request buffer is enabled.
- response
Buffering booleanEnabled - Whether Application Gateway's Response buffer is enabled.
- request_
buffering_ boolenabled - Whether Application Gateway's Request buffer is enabled.
- response_
buffering_ boolenabled - Whether Application Gateway's Response buffer is enabled.
- request
Buffering BooleanEnabled - Whether Application Gateway's Request buffer is enabled.
- response
Buffering BooleanEnabled - Whether Application Gateway's Response buffer is enabled.
ApplicationGatewayHttpListener, ApplicationGatewayHttpListenerArgs
- Frontend
Ip stringConfiguration Name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- Frontend
Port stringName - The Name of the Frontend Port use for this HTTP Listener.
- Name string
- The Name of the HTTP Listener.
- Protocol string
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - Custom
Error List<ApplicationConfigurations Gateway Http Listener Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - Firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Id - The ID of the associated Frontend Configuration.
- Frontend
Port stringId - The ID of the associated Frontend Port.
- Host
Name string - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- Host
Names List<string> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- Id string
- The ID of the Rewrite Rule Set
- Require
Sni bool - Should Server Name Indication be Required? Defaults to
false. - Ssl
Certificate stringId - The ID of the associated SSL Certificate.
- Ssl
Certificate stringName - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- Ssl
Profile stringId - The ID of the associated SSL Profile.
- Ssl
Profile stringName - The name of the associated SSL Profile which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- Frontend
Port stringName - The Name of the Frontend Port use for this HTTP Listener.
- Name string
- The Name of the HTTP Listener.
- Protocol string
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - Custom
Error []ApplicationConfigurations Gateway Http Listener Custom Error Configuration - One or more
custom_error_configurationblocks as defined below. - Firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- Frontend
Ip stringConfiguration Id - The ID of the associated Frontend Configuration.
- Frontend
Port stringId - The ID of the associated Frontend Port.
- Host
Name string - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- Host
Names []string A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- Id string
- The ID of the Rewrite Rule Set
- Require
Sni bool - Should Server Name Indication be Required? Defaults to
false. - Ssl
Certificate stringId - The ID of the associated SSL Certificate.
- Ssl
Certificate stringName - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- Ssl
Profile stringId - The ID of the associated SSL Profile.
- Ssl
Profile stringName - The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port StringName - The Name of the Frontend Port use for this HTTP Listener.
- name String
- The Name of the HTTP Listener.
- protocol String
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - custom
Error List<ApplicationConfigurations Gateway Http Listener Custom Error Configuration> - One or more
custom_error_configurationblocks as defined below. - firewall
Policy StringId - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Id - The ID of the associated Frontend Configuration.
- frontend
Port StringId - The ID of the associated Frontend Port.
- host
Name String - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names List<String> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- id String
- The ID of the Rewrite Rule Set
- require
Sni Boolean - Should Server Name Indication be Required? Defaults to
false. - ssl
Certificate StringId - The ID of the associated SSL Certificate.
- ssl
Certificate StringName - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile StringId - The ID of the associated SSL Profile.
- ssl
Profile StringName - The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip stringConfiguration Name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port stringName - The Name of the Frontend Port use for this HTTP Listener.
- name string
- The Name of the HTTP Listener.
- protocol string
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - custom
Error ApplicationConfigurations Gateway Http Listener Custom Error Configuration[] - One or more
custom_error_configurationblocks as defined below. - firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip stringConfiguration Id - The ID of the associated Frontend Configuration.
- frontend
Port stringId - The ID of the associated Frontend Port.
- host
Name string - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names string[] A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- id string
- The ID of the Rewrite Rule Set
- require
Sni boolean - Should Server Name Indication be Required? Defaults to
false. - ssl
Certificate stringId - The ID of the associated SSL Certificate.
- ssl
Certificate stringName - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile stringId - The ID of the associated SSL Profile.
- ssl
Profile stringName - The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend_
ip_ strconfiguration_ name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend_
port_ strname - The Name of the Frontend Port use for this HTTP Listener.
- name str
- The Name of the HTTP Listener.
- protocol str
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - custom_
error_ Sequence[Applicationconfigurations Gateway Http Listener Custom Error Configuration] - One or more
custom_error_configurationblocks as defined below. - firewall_
policy_ strid - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend_
ip_ strconfiguration_ id - The ID of the associated Frontend Configuration.
- frontend_
port_ strid - The ID of the associated Frontend Port.
- host_
name str - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host_
names Sequence[str] A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- id str
- The ID of the Rewrite Rule Set
- require_
sni bool - Should Server Name Indication be Required? Defaults to
false. - ssl_
certificate_ strid - The ID of the associated SSL Certificate.
- ssl_
certificate_ strname - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl_
profile_ strid - The ID of the associated SSL Profile.
- ssl_
profile_ strname - The name of the associated SSL Profile which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Name - The Name of the Frontend IP Configuration used for this HTTP Listener.
- frontend
Port StringName - The Name of the Frontend Port use for this HTTP Listener.
- name String
- The Name of the HTTP Listener.
- protocol String
- The Protocol to use for this HTTP Listener. Possible values are
HttpandHttps. - custom
Error List<Property Map>Configurations - One or more
custom_error_configurationblocks as defined below. - firewall
Policy StringId - The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
- frontend
Ip StringConfiguration Id - The ID of the associated Frontend Configuration.
- frontend
Port StringId - The ID of the associated Frontend Port.
- host
Name String - The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
- host
Names List<String> A list of Hostname(s) should be used for this HTTP Listener. It allows special wildcard characters.
NOTE The
host_namesandhost_nameare mutually exclusive and cannot both be set.- id String
- The ID of the Rewrite Rule Set
- require
Sni Boolean - Should Server Name Indication be Required? Defaults to
false. - ssl
Certificate StringId - The ID of the associated SSL Certificate.
- ssl
Certificate StringName - The name of the associated SSL Certificate which should be used for this HTTP Listener.
- ssl
Profile StringId - The ID of the associated SSL Profile.
- ssl
Profile StringName - The name of the associated SSL Profile which should be used for this HTTP Listener.
ApplicationGatewayHttpListenerCustomErrorConfiguration, ApplicationGatewayHttpListenerCustomErrorConfigurationArgs
- Custom
Error stringPage Url - Error page URL of the application gateway customer error.
- Status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - Id string
- The ID of the Rewrite Rule Set
- Custom
Error stringPage Url - Error page URL of the application gateway customer error.
- Status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - Id string
- The ID of the Rewrite Rule Set
- custom
Error StringPage Url - Error page URL of the application gateway customer error.
- status
Code String - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id String
- The ID of the Rewrite Rule Set
- custom
Error stringPage Url - Error page URL of the application gateway customer error.
- status
Code string - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id string
- The ID of the Rewrite Rule Set
- custom_
error_ strpage_ url - Error page URL of the application gateway customer error.
- status_
code str - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id str
- The ID of the Rewrite Rule Set
- custom
Error StringPage Url - Error page URL of the application gateway customer error.
- status
Code String - Status code of the application gateway customer error. Possible values are
HttpStatus403andHttpStatus502 - id String
- The ID of the Rewrite Rule Set
ApplicationGatewayIdentity, ApplicationGatewayIdentityArgs
- Identity
Ids List<string> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
- Identity
Ids []string - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
- identity
Ids List<String> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
- identity
Ids string[] - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type string
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
- identity_
ids Sequence[str] - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type str
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
- identity
Ids List<String> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this Application Gateway.
- type String
- Specifies the type of Managed Service Identity that should be configured on this Application Gateway. Only possible value is
UserAssigned.
ApplicationGatewayPrivateEndpointConnection, ApplicationGatewayPrivateEndpointConnectionArgs
ApplicationGatewayPrivateLinkConfiguration, ApplicationGatewayPrivateLinkConfigurationArgs
- Ip
Configurations List<ApplicationGateway Private Link Configuration Ip Configuration> One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- Name string
- The name of the private link configuration.
- Id string
- The ID of the Rewrite Rule Set
- Ip
Configurations []ApplicationGateway Private Link Configuration Ip Configuration One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- Name string
- The name of the private link configuration.
- Id string
- The ID of the Rewrite Rule Set
- ip
Configurations List<ApplicationGateway Private Link Configuration Ip Configuration> One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- name String
- The name of the private link configuration.
- id String
- The ID of the Rewrite Rule Set
- ip
Configurations ApplicationGateway Private Link Configuration Ip Configuration[] One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- name string
- The name of the private link configuration.
- id string
- The ID of the Rewrite Rule Set
- ip_
configurations Sequence[ApplicationGateway Private Link Configuration Ip Configuration] One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- name str
- The name of the private link configuration.
- id str
- The ID of the Rewrite Rule Set
- ip
Configurations List<Property Map> One or more
ip_configurationblocks as defined below.Please Note: The
AllowApplicationGatewayPrivateLinkfeature must be registered on the subscription before enabling private linkaz feature register --name AllowApplicationGatewayPrivateLink --namespace Microsoft.Network- name String
- The name of the private link configuration.
- id String
- The ID of the Rewrite Rule Set
ApplicationGatewayPrivateLinkConfigurationIpConfiguration, ApplicationGatewayPrivateLinkConfigurationIpConfigurationArgs
- Name string
- The name of the IP configuration.
- Primary bool
- Is this the Primary IP Configuration?
- Private
Ip stringAddress Allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - Subnet
Id string - The ID of the subnet the private link configuration should connect to.
- Private
Ip stringAddress - The Static IP Address which should be used.
- Name string
- The name of the IP configuration.
- Primary bool
- Is this the Primary IP Configuration?
- Private
Ip stringAddress Allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - Subnet
Id string - The ID of the subnet the private link configuration should connect to.
- Private
Ip stringAddress - The Static IP Address which should be used.
- name String
- The name of the IP configuration.
- primary Boolean
- Is this the Primary IP Configuration?
- private
Ip StringAddress Allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - subnet
Id String - The ID of the subnet the private link configuration should connect to.
- private
Ip StringAddress - The Static IP Address which should be used.
- name string
- The name of the IP configuration.
- primary boolean
- Is this the Primary IP Configuration?
- private
Ip stringAddress Allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - subnet
Id string - The ID of the subnet the private link configuration should connect to.
- private
Ip stringAddress - The Static IP Address which should be used.
- name str
- The name of the IP configuration.
- primary bool
- Is this the Primary IP Configuration?
- private_
ip_ straddress_ allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - subnet_
id str - The ID of the subnet the private link configuration should connect to.
- private_
ip_ straddress - The Static IP Address which should be used.
- name String
- The name of the IP configuration.
- primary Boolean
- Is this the Primary IP Configuration?
- private
Ip StringAddress Allocation - The allocation method used for the Private IP Address. Possible values are
DynamicandStatic. - subnet
Id String - The ID of the subnet the private link configuration should connect to.
- private
Ip StringAddress - The Static IP Address which should be used.
ApplicationGatewayProbe, ApplicationGatewayProbeArgs
- Interval int
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- Name string
- The Name of the Probe.
- Path string
- The Path used for this Probe.
- Protocol string
- The Protocol used for this Probe. Possible values are
HttpandHttps. - Timeout int
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- Unhealthy
Threshold int - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- Host string
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - Id string
- The ID of the Rewrite Rule Set
- Match
Application
Gateway Probe Match - A
matchblock as defined above. - Minimum
Servers int - The minimum number of servers that are always marked as healthy. Defaults to
0. - Pick
Host boolName From Backend Http Settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - Port int
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- Interval int
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- Name string
- The Name of the Probe.
- Path string
- The Path used for this Probe.
- Protocol string
- The Protocol used for this Probe. Possible values are
HttpandHttps. - Timeout int
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- Unhealthy
Threshold int - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- Host string
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - Id string
- The ID of the Rewrite Rule Set
- Match
Application
Gateway Probe Match - A
matchblock as defined above. - Minimum
Servers int - The minimum number of servers that are always marked as healthy. Defaults to
0. - Pick
Host boolName From Backend Http Settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - Port int
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval Integer
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name String
- The Name of the Probe.
- path String
- The Path used for this Probe.
- protocol String
- The Protocol used for this Probe. Possible values are
HttpandHttps. - timeout Integer
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold Integer - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host String
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - id String
- The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match - A
matchblock as defined above. - minimum
Servers Integer - The minimum number of servers that are always marked as healthy. Defaults to
0. - pick
Host BooleanName From Backend Http Settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - port Integer
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval number
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name string
- The Name of the Probe.
- path string
- The Path used for this Probe.
- protocol string
- The Protocol used for this Probe. Possible values are
HttpandHttps. - timeout number
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold number - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host string
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - id string
- The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match - A
matchblock as defined above. - minimum
Servers number - The minimum number of servers that are always marked as healthy. Defaults to
0. - pick
Host booleanName From Backend Http Settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - port number
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval int
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name str
- The Name of the Probe.
- path str
- The Path used for this Probe.
- protocol str
- The Protocol used for this Probe. Possible values are
HttpandHttps. - timeout int
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy_
threshold int - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host str
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - id str
- The ID of the Rewrite Rule Set
- match
Application
Gateway Probe Match - A
matchblock as defined above. - minimum_
servers int - The minimum number of servers that are always marked as healthy. Defaults to
0. - pick_
host_ boolname_ from_ backend_ http_ settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - port int
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
- interval Number
- The Interval between two consecutive probes in seconds. Possible values range from 1 second to a maximum of 86,400 seconds.
- name String
- The Name of the Probe.
- path String
- The Path used for this Probe.
- protocol String
- The Protocol used for this Probe. Possible values are
HttpandHttps. - timeout Number
- The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
- unhealthy
Threshold Number - The Unhealthy Threshold for this Probe, which indicates the amount of retries which should be attempted before a node is deemed unhealthy. Possible values are from 1 to 20.
- host String
- The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as
127.0.0.1, unless otherwise configured in custom probe. Cannot be set ifpick_host_name_from_backend_http_settingsis set totrue. - id String
- The ID of the Rewrite Rule Set
- match Property Map
- A
matchblock as defined above. - minimum
Servers Number - The minimum number of servers that are always marked as healthy. Defaults to
0. - pick
Host BooleanName From Backend Http Settings - Whether the host header should be picked from the backend HTTP settings. Defaults to
false. - port Number
- Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from HTTP settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
ApplicationGatewayProbeMatch, ApplicationGatewayProbeMatchArgs
- Status
Codes List<string> - A list of allowed status codes for this Health Probe.
- Body string
- A snippet from the Response Body which must be present in the Response.
- Status
Codes []string - A list of allowed status codes for this Health Probe.
- Body string
- A snippet from the Response Body which must be present in the Response.
- status
Codes List<String> - A list of allowed status codes for this Health Probe.
- body String
- A snippet from the Response Body which must be present in the Response.
- status
Codes string[] - A list of allowed status codes for this Health Probe.
- body string
- A snippet from the Response Body which must be present in the Response.
- status_
codes Sequence[str] - A list of allowed status codes for this Health Probe.
- body str
- A snippet from the Response Body which must be present in the Response.
- status
Codes List<String> - A list of allowed status codes for this Health Probe.
- body String
- A snippet from the Response Body which must be present in the Response.
ApplicationGatewayRedirectConfiguration, ApplicationGatewayRedirectConfigurationArgs
- Name string
- Unique name of the redirect configuration block
- Redirect
Type string - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - Id string
- The ID of the Rewrite Rule Set
- Include
Path bool - Whether to include the path in the redirected URL. Defaults to
false - Include
Query boolString - Whether to include the query string in the redirected URL. Default to
false - Target
Listener stringId - Target
Listener stringName - The name of the listener to redirect to. Cannot be set if
target_urlis set. - Target
Url string - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
- Name string
- Unique name of the redirect configuration block
- Redirect
Type string - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - Id string
- The ID of the Rewrite Rule Set
- Include
Path bool - Whether to include the path in the redirected URL. Defaults to
false - Include
Query boolString - Whether to include the query string in the redirected URL. Default to
false - Target
Listener stringId - Target
Listener stringName - The name of the listener to redirect to. Cannot be set if
target_urlis set. - Target
Url string - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
- name String
- Unique name of the redirect configuration block
- redirect
Type String - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - id String
- The ID of the Rewrite Rule Set
- include
Path Boolean - Whether to include the path in the redirected URL. Defaults to
false - include
Query BooleanString - Whether to include the query string in the redirected URL. Default to
false - target
Listener StringId - target
Listener StringName - The name of the listener to redirect to. Cannot be set if
target_urlis set. - target
Url String - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
- name string
- Unique name of the redirect configuration block
- redirect
Type string - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - id string
- The ID of the Rewrite Rule Set
- include
Path boolean - Whether to include the path in the redirected URL. Defaults to
false - include
Query booleanString - Whether to include the query string in the redirected URL. Default to
false - target
Listener stringId - target
Listener stringName - The name of the listener to redirect to. Cannot be set if
target_urlis set. - target
Url string - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
- name str
- Unique name of the redirect configuration block
- redirect_
type str - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - id str
- The ID of the Rewrite Rule Set
- include_
path bool - Whether to include the path in the redirected URL. Defaults to
false - include_
query_ boolstring - Whether to include the query string in the redirected URL. Default to
false - target_
listener_ strid - target_
listener_ strname - The name of the listener to redirect to. Cannot be set if
target_urlis set. - target_
url str - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
- name String
- Unique name of the redirect configuration block
- redirect
Type String - The type of redirect. Possible values are
Permanent,Temporary,FoundandSeeOther - id String
- The ID of the Rewrite Rule Set
- include
Path Boolean - Whether to include the path in the redirected URL. Defaults to
false - include
Query BooleanString - Whether to include the query string in the redirected URL. Default to
false - target
Listener StringId - target
Listener StringName - The name of the listener to redirect to. Cannot be set if
target_urlis set. - target
Url String - The URL to redirect the request to. Cannot be set if
target_listener_nameis set.
ApplicationGatewayRequestRoutingRule, ApplicationGatewayRequestRoutingRuleArgs
- Http
Listener stringName - The Name of the HTTP Listener which should be used for this Routing Rule.
- Name string
- The Name of this Request Routing Rule.
- Rule
Type string - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - Backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - Backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - Http
Listener stringId - The ID of the associated HTTP Listener.
- Id string
- The ID of the Rewrite Rule Set
- Priority int
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- Redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - Rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- Url
Path stringMap Id - The ID of the associated URL Path Map.
- Url
Path stringMap Name - The Name of the URL Path Map which should be associated with this Routing Rule.
- Http
Listener stringName - The Name of the HTTP Listener which should be used for this Routing Rule.
- Name string
- The Name of this Request Routing Rule.
- Rule
Type string - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - Backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - Backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - Http
Listener stringId - The ID of the associated HTTP Listener.
- Id string
- The ID of the Rewrite Rule Set
- Priority int
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- Redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - Rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- Url
Path stringMap Id - The ID of the associated URL Path Map.
- Url
Path stringMap Name - The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener StringName - The Name of the HTTP Listener which should be used for this Routing Rule.
- name String
- The Name of this Request Routing Rule.
- rule
Type String - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - backend
Address StringPool Id - The ID of the associated Backend Address Pool.
- backend
Address StringPool Name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http StringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - http
Listener StringId - The ID of the associated HTTP Listener.
- id String
- The ID of the Rewrite Rule Set
- priority Integer
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- redirect
Configuration StringId - The ID of the associated Redirect Configuration.
- redirect
Configuration StringName - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule StringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- url
Path StringMap Id - The ID of the associated URL Path Map.
- url
Path StringMap Name - The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener stringName - The Name of the HTTP Listener which should be used for this Routing Rule.
- name string
- The Name of this Request Routing Rule.
- rule
Type string - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- backend
Address stringPool Name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - http
Listener stringId - The ID of the associated HTTP Listener.
- id string
- The ID of the Rewrite Rule Set
- priority number
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- redirect
Configuration stringName - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule stringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- url
Path stringMap Id - The ID of the associated URL Path Map.
- url
Path stringMap Name - The Name of the URL Path Map which should be associated with this Routing Rule.
- http_
listener_ strname - The Name of the HTTP Listener which should be used for this Routing Rule.
- name str
- The Name of this Request Routing Rule.
- rule_
type str - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - backend_
address_ strpool_ id - The ID of the associated Backend Address Pool.
- backend_
address_ strpool_ name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - backend_
http_ strsettings_ id - The ID of the associated Backend HTTP Settings Configuration.
- backend_
http_ strsettings_ name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - http_
listener_ strid - The ID of the associated HTTP Listener.
- id str
- The ID of the Rewrite Rule Set
- priority int
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- redirect_
configuration_ strid - The ID of the associated Redirect Configuration.
- redirect_
configuration_ strname - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite_
rule_ strset_ id - The ID of the associated Rewrite Rule Set.
- rewrite_
rule_ strset_ name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- url_
path_ strmap_ id - The ID of the associated URL Path Map.
- url_
path_ strmap_ name - The Name of the URL Path Map which should be associated with this Routing Rule.
- http
Listener StringName - The Name of the HTTP Listener which should be used for this Routing Rule.
- name String
- The Name of this Request Routing Rule.
- rule
Type String - The Type of Routing that should be used for this Rule. Possible values are
BasicandPathBasedRouting. - backend
Address StringPool Id - The ID of the associated Backend Address Pool.
- backend
Address StringPool Name - The Name of the Backend Address Pool which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http StringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name - The Name of the Backend HTTP Settings Collection which should be used for this Routing Rule. Cannot be set if
redirect_configuration_nameis set. - http
Listener StringId - The ID of the associated HTTP Listener.
- id String
- The ID of the Rewrite Rule Set
- priority Number
Rule evaluation order can be dictated by specifying an integer value from
1to20000with1being the highest priority and20000being the lowest priority.NOTE:
priorityis required whensku[0].tieris set to*_v2.- redirect
Configuration StringId - The ID of the associated Redirect Configuration.
- redirect
Configuration StringName - The Name of the Redirect Configuration which should be used for this Routing Rule. Cannot be set if either
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule StringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name The Name of the Rewrite Rule Set which should be used for this Routing Rule. Only valid for v2 SKUs.
NOTE:
backend_address_pool_name,backend_http_settings_name,redirect_configuration_name, andrewrite_rule_set_nameare applicable only whenrule_typeisBasic.- url
Path StringMap Id - The ID of the associated URL Path Map.
- url
Path StringMap Name - The Name of the URL Path Map which should be associated with this Routing Rule.
ApplicationGatewayRewriteRuleSet, ApplicationGatewayRewriteRuleSetArgs
- Name string
- Unique name of the rewrite rule set block
- Id string
- The ID of the Rewrite Rule Set
- Rewrite
Rules List<ApplicationGateway Rewrite Rule Set Rewrite Rule> - One or more
rewrite_ruleblocks as defined below.
- Name string
- Unique name of the rewrite rule set block
- Id string
- The ID of the Rewrite Rule Set
- Rewrite
Rules []ApplicationGateway Rewrite Rule Set Rewrite Rule - One or more
rewrite_ruleblocks as defined below.
- name String
- Unique name of the rewrite rule set block
- id String
- The ID of the Rewrite Rule Set
- rewrite
Rules List<ApplicationGateway Rewrite Rule Set Rewrite Rule> - One or more
rewrite_ruleblocks as defined below.
- name string
- Unique name of the rewrite rule set block
- id string
- The ID of the Rewrite Rule Set
- rewrite
Rules ApplicationGateway Rewrite Rule Set Rewrite Rule[] - One or more
rewrite_ruleblocks as defined below.
- name str
- Unique name of the rewrite rule set block
- id str
- The ID of the Rewrite Rule Set
- rewrite_
rules Sequence[ApplicationGateway Rewrite Rule Set Rewrite Rule] - One or more
rewrite_ruleblocks as defined below.
- name String
- Unique name of the rewrite rule set block
- id String
- The ID of the Rewrite Rule Set
- rewrite
Rules List<Property Map> - One or more
rewrite_ruleblocks as defined below.
ApplicationGatewayRewriteRuleSetRewriteRule, ApplicationGatewayRewriteRuleSetRewriteRuleArgs
- Name string
- Unique name of the rewrite rule block
- Rule
Sequence int - Rule sequence of the rewrite rule that determines the order of execution in a set.
- Conditions
List<Application
Gateway Rewrite Rule Set Rewrite Rule Condition> - One or more
conditionblocks as defined above. - Request
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration> - One or more
request_header_configurationblocks as defined above. - Response
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration> - One or more
response_header_configurationblocks as defined above. - Url
Application
Gateway Rewrite Rule Set Rewrite Rule Url - One
urlblock as defined below
- Name string
- Unique name of the rewrite rule block
- Rule
Sequence int - Rule sequence of the rewrite rule that determines the order of execution in a set.
- Conditions
[]Application
Gateway Rewrite Rule Set Rewrite Rule Condition - One or more
conditionblocks as defined above. - Request
Header []ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration - One or more
request_header_configurationblocks as defined above. - Response
Header []ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration - One or more
response_header_configurationblocks as defined above. - Url
Application
Gateway Rewrite Rule Set Rewrite Rule Url - One
urlblock as defined below
- name String
- Unique name of the rewrite rule block
- rule
Sequence Integer - Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
List<Application
Gateway Rewrite Rule Set Rewrite Rule Condition> - One or more
conditionblocks as defined above. - request
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration> - One or more
request_header_configurationblocks as defined above. - response
Header List<ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration> - One or more
response_header_configurationblocks as defined above. - url
Application
Gateway Rewrite Rule Set Rewrite Rule Url - One
urlblock as defined below
- name string
- Unique name of the rewrite rule block
- rule
Sequence number - Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
Application
Gateway Rewrite Rule Set Rewrite Rule Condition[] - One or more
conditionblocks as defined above. - request
Header ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration[] - One or more
request_header_configurationblocks as defined above. - response
Header ApplicationConfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration[] - One or more
response_header_configurationblocks as defined above. - url
Application
Gateway Rewrite Rule Set Rewrite Rule Url - One
urlblock as defined below
- name str
- Unique name of the rewrite rule block
- rule_
sequence int - Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions
Sequence[Application
Gateway Rewrite Rule Set Rewrite Rule Condition] - One or more
conditionblocks as defined above. - request_
header_ Sequence[Applicationconfigurations Gateway Rewrite Rule Set Rewrite Rule Request Header Configuration] - One or more
request_header_configurationblocks as defined above. - response_
header_ Sequence[Applicationconfigurations Gateway Rewrite Rule Set Rewrite Rule Response Header Configuration] - One or more
response_header_configurationblocks as defined above. - url
Application
Gateway Rewrite Rule Set Rewrite Rule Url - One
urlblock as defined below
- name String
- Unique name of the rewrite rule block
- rule
Sequence Number - Rule sequence of the rewrite rule that determines the order of execution in a set.
- conditions List<Property Map>
- One or more
conditionblocks as defined above. - request
Header List<Property Map>Configurations - One or more
request_header_configurationblocks as defined above. - response
Header List<Property Map>Configurations - One or more
response_header_configurationblocks as defined above. - url Property Map
- One
urlblock as defined below
ApplicationGatewayRewriteRuleSetRewriteRuleCondition, ApplicationGatewayRewriteRuleSetRewriteRuleConditionArgs
- Pattern string
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- Variable string
- The variable of the condition.
- Ignore
Case bool - Perform a case in-sensitive comparison. Defaults to
false - Negate bool
- Negate the result of the condition evaluation. Defaults to
false
- Pattern string
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- Variable string
- The variable of the condition.
- Ignore
Case bool - Perform a case in-sensitive comparison. Defaults to
false - Negate bool
- Negate the result of the condition evaluation. Defaults to
false
- pattern String
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable String
- The variable of the condition.
- ignore
Case Boolean - Perform a case in-sensitive comparison. Defaults to
false - negate Boolean
- Negate the result of the condition evaluation. Defaults to
false
- pattern string
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable string
- The variable of the condition.
- ignore
Case boolean - Perform a case in-sensitive comparison. Defaults to
false - negate boolean
- Negate the result of the condition evaluation. Defaults to
false
- pattern str
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable str
- The variable of the condition.
- ignore_
case bool - Perform a case in-sensitive comparison. Defaults to
false - negate bool
- Negate the result of the condition evaluation. Defaults to
false
- pattern String
- The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
- variable String
- The variable of the condition.
- ignore
Case Boolean - Perform a case in-sensitive comparison. Defaults to
false - negate Boolean
- Negate the result of the condition evaluation. Defaults to
false
ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfiguration, ApplicationGatewayRewriteRuleSetRewriteRuleRequestHeaderConfigurationArgs
- Header
Name string - Header name of the header configuration.
- Header
Value string - Header value of the header configuration. To delete a request header set this property to an empty string.
- Header
Name string - Header name of the header configuration.
- Header
Value string - Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name String - Header name of the header configuration.
- header
Value String - Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name string - Header name of the header configuration.
- header
Value string - Header value of the header configuration. To delete a request header set this property to an empty string.
- header_
name str - Header name of the header configuration.
- header_
value str - Header value of the header configuration. To delete a request header set this property to an empty string.
- header
Name String - Header name of the header configuration.
- header
Value String - Header value of the header configuration. To delete a request header set this property to an empty string.
ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfiguration, ApplicationGatewayRewriteRuleSetRewriteRuleResponseHeaderConfigurationArgs
- Header
Name string - Header name of the header configuration.
- Header
Value string - Header value of the header configuration. To delete a response header set this property to an empty string.
- Header
Name string - Header name of the header configuration.
- Header
Value string - Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name String - Header name of the header configuration.
- header
Value String - Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name string - Header name of the header configuration.
- header
Value string - Header value of the header configuration. To delete a response header set this property to an empty string.
- header_
name str - Header name of the header configuration.
- header_
value str - Header value of the header configuration. To delete a response header set this property to an empty string.
- header
Name String - Header name of the header configuration.
- header
Value String - Header value of the header configuration. To delete a response header set this property to an empty string.
ApplicationGatewayRewriteRuleSetRewriteRuleUrl, ApplicationGatewayRewriteRuleSetRewriteRuleUrlArgs
- Components string
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- Path string
- The URL path to rewrite.
- Query
String string - The query string to rewrite.
- Reroute bool
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
- Components string
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- Path string
- The URL path to rewrite.
- Query
String string - The query string to rewrite.
- Reroute bool
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
- components String
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- path String
- The URL path to rewrite.
- query
String String - The query string to rewrite.
- reroute Boolean
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
- components string
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- path string
- The URL path to rewrite.
- query
String string - The query string to rewrite.
- reroute boolean
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
- components str
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- path str
- The URL path to rewrite.
- query_
string str - The query string to rewrite.
- reroute bool
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
- components String
The components used to rewrite the URL. Possible values are
path_onlyandquery_string_onlyto limit the rewrite to the URL Path or URL Query String only.Note: One or both of
pathandquery_stringmust be specified. If one of these is not specified, it means the value will be empty. If you only want to rewritepathorquery_string, usecomponents.- path String
- The URL path to rewrite.
- query
String String - The query string to rewrite.
- reroute Boolean
- Whether the URL path map should be reevaluated after this rewrite has been applied. More info on rewrite configuration
ApplicationGatewaySku, ApplicationGatewaySkuArgs
- Name string
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - Tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- Capacity int
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
- Name string
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - Tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- Capacity int
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
- name String
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - tier String
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- capacity Integer
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
- name string
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - tier string
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- capacity number
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
- name str
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - tier str
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- capacity int
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
- name String
- The Name of the SKU to use for this Application Gateway. Possible values are
Standard_Small,Standard_Medium,Standard_Large,Standard_v2,WAF_Medium,WAF_Large, andWAF_v2. - tier String
The Tier of the SKU to use for this Application Gateway. Possible values are
Standard,Standard_v2,WAFandWAF_v2.!> NOTE: The
StandardandWAFSKU have been deprecated in favour of theStandard_v2andWAF_v2SKU. Please see the Azure documentation for more details.- capacity Number
- The Capacity of the SKU to use for this Application Gateway. When using a V1 SKU this value must be between
1and32, and1to125for a V2 SKU. This property is optional ifautoscale_configurationis set.
ApplicationGatewaySslCertificate, ApplicationGatewaySslCertificateArgs
- Name string
- The Name of the SSL certificate that is unique within this Application Gateway
- Data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- Id string
- The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- Password string
- Password for the pfx file specified in data. Required if
datais set. - Public
Cert stringData - The Public Certificate Data associated with the SSL Certificate.
- Name string
- The Name of the SSL certificate that is unique within this Application Gateway
- Data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- Id string
- The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- Password string
- Password for the pfx file specified in data. Required if
datais set. - Public
Cert stringData - The Public Certificate Data associated with the SSL Certificate.
- name String
- The Name of the SSL certificate that is unique within this Application Gateway
- data String
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- id String
- The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password String
- Password for the pfx file specified in data. Required if
datais set. - public
Cert StringData - The Public Certificate Data associated with the SSL Certificate.
- name string
- The Name of the SSL certificate that is unique within this Application Gateway
- data string
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- id string
- The ID of the Rewrite Rule Set
- key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password string
- Password for the pfx file specified in data. Required if
datais set. - public
Cert stringData - The Public Certificate Data associated with the SSL Certificate.
- name str
- The Name of the SSL certificate that is unique within this Application Gateway
- data str
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- id str
- The ID of the Rewrite Rule Set
- key_
vault_ strsecret_ id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password str
- Password for the pfx file specified in data. Required if
datais set. - public_
cert_ strdata - The Public Certificate Data associated with the SSL Certificate.
- name String
- The Name of the SSL certificate that is unique within this Application Gateway
- data String
The base64-encoded PFX certificate data. Required if
key_vault_secret_idis not set.NOTE: When specifying a file, use
data = filebase64("path/to/file")to encode the contents of that file.- id String
- The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx) the
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.- password String
- Password for the pfx file specified in data. Required if
datais set. - public
Cert StringData - The Public Certificate Data associated with the SSL Certificate.
ApplicationGatewaySslPolicy, ApplicationGatewaySslPolicyArgs
- Cipher
Suites List<string> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - Disabled
Protocols List<string> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- Min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - Policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - Policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- Cipher
Suites []string - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - Disabled
Protocols []string A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- Min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - Policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - Policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites List<String> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol StringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name String - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type String The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites string[] - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols string[] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher_
suites Sequence[str] - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled_
protocols Sequence[str] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min_
protocol_ strversion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy_
name str - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy_
type str The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites List<String> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol StringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name String - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type String The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
ApplicationGatewaySslProfile, ApplicationGatewaySslProfileArgs
- Name string
- The name of the SSL Profile that is unique within this Application Gateway.
- Id string
- The ID of the Rewrite Rule Set
- Ssl
Policy ApplicationGateway Ssl Profile Ssl Policy - a
ssl_policyblock as defined below. - Trusted
Client List<string>Certificate Names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- Verify
Client boolCert Issuer Dn - Should client certificate issuer DN be verified? Defaults to
false. - Verify
Client stringCertificate Revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
- Name string
- The name of the SSL Profile that is unique within this Application Gateway.
- Id string
- The ID of the Rewrite Rule Set
- Ssl
Policy ApplicationGateway Ssl Profile Ssl Policy - a
ssl_policyblock as defined below. - Trusted
Client []stringCertificate Names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- Verify
Client boolCert Issuer Dn - Should client certificate issuer DN be verified? Defaults to
false. - Verify
Client stringCertificate Revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
- name String
- The name of the SSL Profile that is unique within this Application Gateway.
- id String
- The ID of the Rewrite Rule Set
- ssl
Policy ApplicationGateway Ssl Profile Ssl Policy - a
ssl_policyblock as defined below. - trusted
Client List<String>Certificate Names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client BooleanCert Issuer Dn - Should client certificate issuer DN be verified? Defaults to
false. - verify
Client StringCertificate Revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
- name string
- The name of the SSL Profile that is unique within this Application Gateway.
- id string
- The ID of the Rewrite Rule Set
- ssl
Policy ApplicationGateway Ssl Profile Ssl Policy - a
ssl_policyblock as defined below. - trusted
Client string[]Certificate Names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client booleanCert Issuer Dn - Should client certificate issuer DN be verified? Defaults to
false. - verify
Client stringCertificate Revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
- name str
- The name of the SSL Profile that is unique within this Application Gateway.
- id str
- The ID of the Rewrite Rule Set
- ssl_
policy ApplicationGateway Ssl Profile Ssl Policy - a
ssl_policyblock as defined below. - trusted_
client_ Sequence[str]certificate_ names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify_
client_ boolcert_ issuer_ dn - Should client certificate issuer DN be verified? Defaults to
false. - verify_
client_ strcertificate_ revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
- name String
- The name of the SSL Profile that is unique within this Application Gateway.
- id String
- The ID of the Rewrite Rule Set
- ssl
Policy Property Map - a
ssl_policyblock as defined below. - trusted
Client List<String>Certificate Names - The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
- verify
Client BooleanCert Issuer Dn - Should client certificate issuer DN be verified? Defaults to
false. - verify
Client StringCertificate Revocation - Specify the method to check client certificate revocation status. Possible value is
OCSP.
ApplicationGatewaySslProfileSslPolicy, ApplicationGatewaySslProfileSslPolicyArgs
- Cipher
Suites List<string> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - Disabled
Protocols List<string> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- Min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - Policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - Policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- Cipher
Suites []string - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - Disabled
Protocols []string A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- Min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - Policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - Policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites List<String> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol StringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name String - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type String The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites string[] - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols string[] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol stringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name string - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type string The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher_
suites Sequence[str] - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled_
protocols Sequence[str] A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min_
protocol_ strversion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy_
name str - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy_
type str The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
- cipher
Suites List<String> - A List of accepted cipher suites. Possible values are:
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256andTLS_RSA_WITH_AES_256_GCM_SHA384. - disabled
Protocols List<String> A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3.NOTE:
disabled_protocolscannot be set whenpolicy_nameorpolicy_typeare set.- min
Protocol StringVersion - The minimal TLS version. Possible values are
TLSv1_0,TLSv1_1,TLSv1_2andTLSv1_3. - policy
Name String - The Name of the Policy e.g. AppGwSslPolicy20170401S. Required if
policy_typeis set toPredefined. Possible values can change over time and are published here https://docs.microsoft.com/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible withdisabled_protocols. - policy
Type String The Type of the Policy. Possible values are
Predefined,CustomandCustomV2.NOTE:
policy_typeis Required whenpolicy_nameis set - cannot be set ifdisabled_protocolsis set.
ApplicationGatewayTrustedClientCertificate, ApplicationGatewayTrustedClientCertificateArgs
ApplicationGatewayTrustedRootCertificate, ApplicationGatewayTrustedRootCertificateArgs
- Name string
- The Name of the Trusted Root Certificate to use.
- Data string
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - Id string
- The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- Name string
- The Name of the Trusted Root Certificate to use.
- Data string
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - Id string
- The ID of the Rewrite Rule Set
- Key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name String
- The Name of the Trusted Root Certificate to use.
- data String
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - id String
- The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name string
- The Name of the Trusted Root Certificate to use.
- data string
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - id string
- The ID of the Rewrite Rule Set
- key
Vault stringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name str
- The Name of the Trusted Root Certificate to use.
- data str
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - id str
- The ID of the Rewrite Rule Set
- key_
vault_ strsecret_ id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
- name String
- The Name of the Trusted Root Certificate to use.
- data String
- The contents of the Trusted Root Certificate which should be used. Required if
key_vault_secret_idis not set. - id String
- The ID of the Rewrite Rule Set
- key
Vault StringSecret Id The Secret ID of (base-64 encoded unencrypted pfx)
SecretorCertificateobject stored in Azure KeyVault. You need to enable soft delete for the Key Vault to use this feature. Required ifdatais not set.NOTE: TLS termination with Key Vault certificates is limited to the v2 SKUs.
NOTE: For TLS termination with Key Vault certificates to work properly existing user-assigned managed identity, which Application Gateway uses to retrieve certificates from Key Vault, should be defined via
identityblock. Additionally, access policies in the Key Vault to allow the identity to be granted get access to the secret should be defined.
ApplicationGatewayUrlPathMap, ApplicationGatewayUrlPathMapArgs
- Name string
- The Name of the URL Path Map.
- Path
Rules List<ApplicationGateway Url Path Map Path Rule> - One or more
path_ruleblocks as defined above. - Default
Backend stringAddress Pool Id - The ID of the Default Backend Address Pool.
- Default
Backend stringAddress Pool Name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - Default
Backend stringHttp Settings Id - The ID of the Default Backend HTTP Settings Collection.
- Default
Backend stringHttp Settings Name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - Default
Redirect stringConfiguration Id - The ID of the Default Redirect Configuration.
- Default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- Default
Rewrite stringRule Set Id - Default
Rewrite stringRule Set Name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Id string
- The ID of the Rewrite Rule Set
- Name string
- The Name of the URL Path Map.
- Path
Rules []ApplicationGateway Url Path Map Path Rule - One or more
path_ruleblocks as defined above. - Default
Backend stringAddress Pool Id - The ID of the Default Backend Address Pool.
- Default
Backend stringAddress Pool Name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - Default
Backend stringHttp Settings Id - The ID of the Default Backend HTTP Settings Collection.
- Default
Backend stringHttp Settings Name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - Default
Redirect stringConfiguration Id - The ID of the Default Redirect Configuration.
- Default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- Default
Rewrite stringRule Set Id - Default
Rewrite stringRule Set Name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Id string
- The ID of the Rewrite Rule Set
- name String
- The Name of the URL Path Map.
- path
Rules List<ApplicationGateway Url Path Map Path Rule> - One or more
path_ruleblocks as defined above. - default
Backend StringAddress Pool Id - The ID of the Default Backend Address Pool.
- default
Backend StringAddress Pool Name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Backend StringHttp Settings Id - The ID of the Default Backend HTTP Settings Collection.
- default
Backend StringHttp Settings Name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Redirect StringConfiguration Id - The ID of the Default Redirect Configuration.
- default
Redirect StringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- default
Rewrite StringRule Set Id - default
Rewrite StringRule Set Name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id String
- The ID of the Rewrite Rule Set
- name string
- The Name of the URL Path Map.
- path
Rules ApplicationGateway Url Path Map Path Rule[] - One or more
path_ruleblocks as defined above. - default
Backend stringAddress Pool Id - The ID of the Default Backend Address Pool.
- default
Backend stringAddress Pool Name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Backend stringHttp Settings Id - The ID of the Default Backend HTTP Settings Collection.
- default
Backend stringHttp Settings Name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Redirect stringConfiguration Id - The ID of the Default Redirect Configuration.
- default
Redirect stringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- default
Rewrite stringRule Set Id - default
Rewrite stringRule Set Name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id string
- The ID of the Rewrite Rule Set
- name str
- The Name of the URL Path Map.
- path_
rules Sequence[ApplicationGateway Url Path Map Path Rule] - One or more
path_ruleblocks as defined above. - default_
backend_ straddress_ pool_ id - The ID of the Default Backend Address Pool.
- default_
backend_ straddress_ pool_ name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default_
backend_ strhttp_ settings_ id - The ID of the Default Backend HTTP Settings Collection.
- default_
backend_ strhttp_ settings_ name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default_
redirect_ strconfiguration_ id - The ID of the Default Redirect Configuration.
- default_
redirect_ strconfiguration_ name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- default_
rewrite_ strrule_ set_ id - default_
rewrite_ strrule_ set_ name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id str
- The ID of the Rewrite Rule Set
- name String
- The Name of the URL Path Map.
- path
Rules List<Property Map> - One or more
path_ruleblocks as defined above. - default
Backend StringAddress Pool Id - The ID of the Default Backend Address Pool.
- default
Backend StringAddress Pool Name - The Name of the Default Backend Address Pool which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Backend StringHttp Settings Id - The ID of the Default Backend HTTP Settings Collection.
- default
Backend StringHttp Settings Name - The Name of the Default Backend HTTP Settings Collection which should be used for this URL Path Map. Cannot be set if
default_redirect_configuration_nameis set. - default
Redirect StringConfiguration Id - The ID of the Default Redirect Configuration.
- default
Redirect StringConfiguration Name The Name of the Default Redirect Configuration which should be used for this URL Path Map. Cannot be set if either
default_backend_address_pool_nameordefault_backend_http_settings_nameis set.NOTE: Both
default_backend_address_pool_nameanddefault_backend_http_settings_nameordefault_redirect_configuration_nameshould be specified.- default
Rewrite StringRule Set Id - default
Rewrite StringRule Set Name - The Name of the Default Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- id String
- The ID of the Rewrite Rule Set
ApplicationGatewayUrlPathMapPathRule, ApplicationGatewayUrlPathMapPathRuleArgs
- Name string
- The Name of the Path Rule.
- Paths List<string>
- A list of Paths used in this Path Rule.
- Backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - Backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - Firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- Id string
- The ID of the Rewrite Rule Set
- Redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - Rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- Name string
- The Name of the Path Rule.
- Paths []string
- A list of Paths used in this Path Rule.
- Backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- Backend
Address stringPool Name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - Backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- Backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - Firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- Id string
- The ID of the Rewrite Rule Set
- Redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- Redirect
Configuration stringName - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - Rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- Rewrite
Rule stringSet Name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name String
- The Name of the Path Rule.
- paths List<String>
- A list of Paths used in this Path Rule.
- backend
Address StringPool Id - The ID of the associated Backend Address Pool.
- backend
Address StringPool Name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http StringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - firewall
Policy StringId - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- id String
- The ID of the Rewrite Rule Set
- redirect
Configuration StringId - The ID of the associated Redirect Configuration.
- redirect
Configuration StringName - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule StringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name string
- The Name of the Path Rule.
- paths string[]
- A list of Paths used in this Path Rule.
- backend
Address stringPool Id - The ID of the associated Backend Address Pool.
- backend
Address stringPool Name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http stringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http stringSettings Name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - firewall
Policy stringId - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- id string
- The ID of the Rewrite Rule Set
- redirect
Configuration stringId - The ID of the associated Redirect Configuration.
- redirect
Configuration stringName - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule stringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule stringSet Name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name str
- The Name of the Path Rule.
- paths Sequence[str]
- A list of Paths used in this Path Rule.
- backend_
address_ strpool_ id - The ID of the associated Backend Address Pool.
- backend_
address_ strpool_ name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - backend_
http_ strsettings_ id - The ID of the associated Backend HTTP Settings Configuration.
- backend_
http_ strsettings_ name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - firewall_
policy_ strid - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- id str
- The ID of the Rewrite Rule Set
- redirect_
configuration_ strid - The ID of the associated Redirect Configuration.
- redirect_
configuration_ strname - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite_
rule_ strset_ id - The ID of the associated Rewrite Rule Set.
- rewrite_
rule_ strset_ name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
- name String
- The Name of the Path Rule.
- paths List<String>
- A list of Paths used in this Path Rule.
- backend
Address StringPool Id - The ID of the associated Backend Address Pool.
- backend
Address StringPool Name - The Name of the Backend Address Pool to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - backend
Http StringSettings Id - The ID of the associated Backend HTTP Settings Configuration.
- backend
Http StringSettings Name - The Name of the Backend HTTP Settings Collection to use for this Path Rule. Cannot be set if
redirect_configuration_nameis set. - firewall
Policy StringId - The ID of the Web Application Firewall Policy which should be used as an HTTP Listener.
- id String
- The ID of the Rewrite Rule Set
- redirect
Configuration StringId - The ID of the associated Redirect Configuration.
- redirect
Configuration StringName - The Name of a Redirect Configuration to use for this Path Rule. Cannot be set if
backend_address_pool_nameorbackend_http_settings_nameis set. - rewrite
Rule StringSet Id - The ID of the associated Rewrite Rule Set.
- rewrite
Rule StringSet Name - The Name of the Rewrite Rule Set which should be used for this URL Path Map. Only valid for v2 SKUs.
ApplicationGatewayWafConfiguration, ApplicationGatewayWafConfigurationArgs
- Enabled bool
- Is the Web Application Firewall enabled?
- Firewall
Mode string - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - Rule
Set stringVersion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - Disabled
Rule List<ApplicationGroups Gateway Waf Configuration Disabled Rule Group> - One or more
disabled_rule_groupblocks as defined below. - Exclusions
List<Application
Gateway Waf Configuration Exclusion> - One or more
exclusionblocks as defined below. - File
Upload intLimit Mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - Max
Request intBody Size Kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - Request
Body boolCheck - Is Request Body Inspection enabled? Defaults to
true. - Rule
Set stringType - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
- Enabled bool
- Is the Web Application Firewall enabled?
- Firewall
Mode string - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - Rule
Set stringVersion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - Disabled
Rule []ApplicationGroups Gateway Waf Configuration Disabled Rule Group - One or more
disabled_rule_groupblocks as defined below. - Exclusions
[]Application
Gateway Waf Configuration Exclusion - One or more
exclusionblocks as defined below. - File
Upload intLimit Mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - Max
Request intBody Size Kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - Request
Body boolCheck - Is Request Body Inspection enabled? Defaults to
true. - Rule
Set stringType - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
- enabled Boolean
- Is the Web Application Firewall enabled?
- firewall
Mode String - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - rule
Set StringVersion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - disabled
Rule List<ApplicationGroups Gateway Waf Configuration Disabled Rule Group> - One or more
disabled_rule_groupblocks as defined below. - exclusions
List<Application
Gateway Waf Configuration Exclusion> - One or more
exclusionblocks as defined below. - file
Upload IntegerLimit Mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - max
Request IntegerBody Size Kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - request
Body BooleanCheck - Is Request Body Inspection enabled? Defaults to
true. - rule
Set StringType - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
- enabled boolean
- Is the Web Application Firewall enabled?
- firewall
Mode string - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - rule
Set stringVersion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - disabled
Rule ApplicationGroups Gateway Waf Configuration Disabled Rule Group[] - One or more
disabled_rule_groupblocks as defined below. - exclusions
Application
Gateway Waf Configuration Exclusion[] - One or more
exclusionblocks as defined below. - file
Upload numberLimit Mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - max
Request numberBody Size Kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - request
Body booleanCheck - Is Request Body Inspection enabled? Defaults to
true. - rule
Set stringType - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
- enabled bool
- Is the Web Application Firewall enabled?
- firewall_
mode str - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - rule_
set_ strversion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - disabled_
rule_ Sequence[Applicationgroups Gateway Waf Configuration Disabled Rule Group] - One or more
disabled_rule_groupblocks as defined below. - exclusions
Sequence[Application
Gateway Waf Configuration Exclusion] - One or more
exclusionblocks as defined below. - file_
upload_ intlimit_ mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - max_
request_ intbody_ size_ kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - request_
body_ boolcheck - Is Request Body Inspection enabled? Defaults to
true. - rule_
set_ strtype - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
- enabled Boolean
- Is the Web Application Firewall enabled?
- firewall
Mode String - The Web Application Firewall Mode. Possible values are
DetectionandPrevention. - rule
Set StringVersion - The Version of the Rule Set used for this Web Application Firewall. Possible values are
0.1,1.0,2.1,2.2.9,3.0,3.1and3.2. - disabled
Rule List<Property Map>Groups - One or more
disabled_rule_groupblocks as defined below. - exclusions List<Property Map>
- One or more
exclusionblocks as defined below. - file
Upload NumberLimit Mb - The File Upload Limit in MB. Accepted values are in the range
1MB to750MB for theWAF_v2SKU, and1MB to500MB for all other SKUs. Defaults to100MB. - max
Request NumberBody Size Kb - The Maximum Request Body Size in KB. Accepted values are in the range
1KB to128KB. Defaults to128KB. - request
Body BooleanCheck - Is Request Body Inspection enabled? Defaults to
true. - rule
Set StringType - The Type of the Rule Set used for this Web Application Firewall. Possible values are
OWASP,Microsoft_BotManagerRuleSetandMicrosoft_DefaultRuleSet. Defaults toOWASP.
ApplicationGatewayWafConfigurationDisabledRuleGroup, ApplicationGatewayWafConfigurationDisabledRuleGroupArgs
- Rule
Group stringName - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - Rules List<int>
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
- Rule
Group stringName - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - Rules []int
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
- rule
Group StringName - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - rules List<Integer>
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
- rule
Group stringName - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - rules number[]
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
- rule_
group_ strname - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - rules Sequence[int]
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
- rule
Group StringName - The rule group where specific rules should be disabled. Possible values are
BadBots,crs_20_protocol_violations,crs_21_protocol_anomalies,crs_23_request_limits,crs_30_http_policy,crs_35_bad_robots,crs_40_generic_attacks,crs_41_sql_injection_attacks,crs_41_xss_attacks,crs_42_tight_security,crs_45_trojans,crs_49_inbound_blocking,General,GoodBots,KnownBadBots,Known-CVEs,REQUEST-911-METHOD-ENFORCEMENT,REQUEST-913-SCANNER-DETECTION,REQUEST-920-PROTOCOL-ENFORCEMENT,REQUEST-921-PROTOCOL-ATTACK,REQUEST-930-APPLICATION-ATTACK-LFI,REQUEST-931-APPLICATION-ATTACK-RFI,REQUEST-932-APPLICATION-ATTACK-RCE,REQUEST-933-APPLICATION-ATTACK-PHP,REQUEST-941-APPLICATION-ATTACK-XSS,REQUEST-942-APPLICATION-ATTACK-SQLI,REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION,REQUEST-944-APPLICATION-ATTACK-JAVA,UnknownBots,METHOD-ENFORCEMENT,PROTOCOL-ENFORCEMENT,PROTOCOL-ATTACK,LFI,RFI,RCE,PHP,NODEJS,XSS,SQLI,FIX,JAVA,MS-ThreatIntel-WebShells,MS-ThreatIntel-AppSec,MS-ThreatIntel-SQLIandMS-ThreatIntel-CVEs. - rules List<Number>
- A list of rules which should be disabled in that group. Disables all rules in the specified group if
rulesis not specified.
ApplicationGatewayWafConfigurationExclusion, ApplicationGatewayWafConfigurationExclusionArgs
- Match
Variable string - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - Selector string
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - Selector
Match stringOperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
- Match
Variable string - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - Selector string
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - Selector
Match stringOperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
- match
Variable String - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - selector String
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - selector
Match StringOperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
- match
Variable string - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - selector string
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - selector
Match stringOperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
- match_
variable str - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - selector str
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - selector_
match_ stroperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
- match
Variable String - Match variable of the exclusion rule to exclude header, cookie or GET arguments. Possible values are
RequestArgKeys,RequestArgNames,RequestArgValues,RequestCookieKeys,RequestCookieNames,RequestCookieValues,RequestHeaderKeys,RequestHeaderNamesandRequestHeaderValues - selector String
- String value which will be used for the filter operation. If empty will exclude all traffic on this
match_variable - selector
Match StringOperator - Operator which will be used to search in the variable content. Possible values are
Contains,EndsWith,Equals,EqualsAnyandStartsWith. If empty will exclude all traffic on thismatch_variable
Import
Application Gateway’s can be imported using the resource id, e.g.
$ pulumi import azure:network/applicationGateway:ApplicationGateway example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.