Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
- Latest
- 2025-01-01
- 2024-10-01
- 2024-07-01
- 2024-05-01
- 2024-03-01
- 2024-01-01
- 2023-11-01
- 2023-09-01
- 2023-06-01
- 2023-05-01
- 2023-04-01
- 2023-02-01
- 2022-11-01
- 2022-09-01
- 2022-07-01
- 2022-05-01
- 2022-01-01
- 2021-08-01
- 2021-05-01
- 2021-03-01
- 2021-02-01
- 2020-11-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-04-01
- 2020-03-01
- 2019-12-01
- 2019-11-01
- 2019-09-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-04-01
- 2019-02-01
- 2018-12-01
- 2018-11-01
- 2018-10-01
- 2018-08-01
- 2018-07-01
- 2018-06-01
- 2018-04-01
- 2018-02-01
- 2018-01-01
- 2017-11-01
- 2017-10-01
- 2017-09-01
- 2017-08-01
- 2017-06-01
- 2017-03-30
- 2017-03-01
- 2016-12-01
- 2016-09-01
- 2016-06-01
- 2016-03-30
- 2015-06-15
- 2015-05-01-preview
Bicep resource definition
The applicationGateways resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/applicationGateways resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Network/applicationGateways@2016-06-01' = {
scope: resourceSymbolicName or scope
etag: 'string'
___location: 'string'
name: 'string'
properties: {
authenticationCertificates: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
data: 'string'
provisioningState: 'string'
}
}
]
backendAddressPools: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
backendAddresses: [
{
fqdn: 'string'
ipAddress: 'string'
}
]
backendIPConfigurations: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
applicationGatewayBackendAddressPools: [
...
]
loadBalancerBackendAddressPools: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
provisioningState: 'string'
}
}
]
loadBalancerInboundNatRules: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
backendPort: int
enableFloatingIP: bool
frontendIPConfiguration: {
id: 'string'
}
frontendPort: int
idleTimeoutInMinutes: int
protocol: 'string'
provisioningState: 'string'
}
}
]
primary: bool
privateIPAddress: 'string'
privateIPAddressVersion: 'string'
privateIPAllocationMethod: 'string'
provisioningState: 'string'
publicIPAddress: {
etag: 'string'
id: 'string'
___location: 'string'
properties: {
dnsSettings: {
domainNameLabel: 'string'
fqdn: 'string'
reverseFqdn: 'string'
}
idleTimeoutInMinutes: int
ipAddress: 'string'
provisioningState: 'string'
publicIPAddressVersion: 'string'
publicIPAllocationMethod: 'string'
resourceGuid: 'string'
}
tags: {
{customized property}: 'string'
}
}
subnet: {
etag: 'string'
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
networkSecurityGroup: {
etag: 'string'
id: 'string'
___location: 'string'
properties: {
defaultSecurityRules: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationPortRange: 'string'
direction: 'string'
priority: int
protocol: 'string'
provisioningState: 'string'
sourceAddressPrefix: 'string'
sourcePortRange: 'string'
}
}
]
provisioningState: 'string'
resourceGuid: 'string'
securityRules: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationPortRange: 'string'
direction: 'string'
priority: int
protocol: 'string'
provisioningState: 'string'
sourceAddressPrefix: 'string'
sourcePortRange: 'string'
}
}
]
}
tags: {
{customized property}: 'string'
}
}
provisioningState: 'string'
resourceNavigationLinks: [
{
id: 'string'
name: 'string'
properties: {
link: 'string'
linkedResourceType: 'string'
}
}
]
routeTable: {
etag: 'string'
id: 'string'
___location: 'string'
properties: {
provisioningState: 'string'
routes: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
addressPrefix: 'string'
nextHopIpAddress: 'string'
nextHopType: 'string'
provisioningState: 'string'
}
}
]
}
tags: {
{customized property}: 'string'
}
}
}
}
}
}
]
provisioningState: 'string'
}
}
]
backendHttpSettingsCollection: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
authenticationCertificates: [
{
id: 'string'
}
]
cookieBasedAffinity: 'string'
port: int
probe: {
id: 'string'
}
protocol: 'string'
provisioningState: 'string'
requestTimeout: int
}
}
]
frontendIPConfigurations: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
privateIPAddress: 'string'
privateIPAllocationMethod: 'string'
provisioningState: 'string'
publicIPAddress: {
id: 'string'
}
subnet: {
id: 'string'
}
}
}
]
frontendPorts: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
port: int
provisioningState: 'string'
}
}
]
gatewayIPConfigurations: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
provisioningState: 'string'
subnet: {
id: 'string'
}
}
}
]
httpListeners: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
frontendIPConfiguration: {
id: 'string'
}
frontendPort: {
id: 'string'
}
hostName: 'string'
protocol: 'string'
provisioningState: 'string'
requireServerNameIndication: bool
sslCertificate: {
id: 'string'
}
}
}
]
probes: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
host: 'string'
interval: int
path: 'string'
protocol: 'string'
provisioningState: 'string'
timeout: int
unhealthyThreshold: int
}
}
]
provisioningState: 'string'
requestRoutingRules: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
backendAddressPool: {
id: 'string'
}
backendHttpSettings: {
id: 'string'
}
httpListener: {
id: 'string'
}
provisioningState: 'string'
ruleType: 'string'
urlPathMap: {
id: 'string'
}
}
}
]
resourceGuid: 'string'
sku: {
capacity: int
name: 'string'
tier: 'string'
}
sslCertificates: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
data: 'string'
password: 'string'
provisioningState: 'string'
publicCertData: 'string'
}
}
]
sslPolicy: {
disabledSslProtocols: [
'string'
]
}
urlPathMaps: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
defaultBackendAddressPool: {
id: 'string'
}
defaultBackendHttpSettings: {
id: 'string'
}
pathRules: [
{
etag: 'string'
id: 'string'
name: 'string'
properties: {
backendAddressPool: {
id: 'string'
}
backendHttpSettings: {
id: 'string'
}
paths: [
'string'
]
provisioningState: 'string'
}
}
]
provisioningState: 'string'
}
}
]
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.Network/applicationGateways
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| ___location | Resource ___location | string |
| name | The resource name | string (required) |
| properties | Properties of Application Gateway | ApplicationGatewayPropertiesFormat |
| scope | Use when creating a resource at a scope that is different than the deployment scope. | Set this property to the symbolic name of a resource to apply the extension resource. |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
ApplicationGatewayAuthenticationCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Authentication certificates of application gateway | ApplicationGatewayAuthenticationCertificatePropertiesFormat |
ApplicationGatewayAuthenticationCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | Certificate public data | string |
| provisioningState | Provisioning state of the authentication certificate resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendAddress
| Name | Description | Value |
|---|---|---|
| fqdn | Dns name | string |
| ipAddress | Ip address | string |
ApplicationGatewayBackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend Address Pool of application gateway | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddresses | Backend addresses | ApplicationGatewayBackendAddress[] |
| backendIPConfigurations | Collection of references to IPs defined in NICs | NetworkInterfaceIPConfiguration[] |
| provisioningState | Provisioning state of the backend address pool resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendHttpSettings
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend address pool settings of application gateway | ApplicationGatewayBackendHttpSettingsPropertiesFormat |
ApplicationGatewayBackendHttpSettingsPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Array of references to Application Gateway Authentication Certificates | SubResource[] |
| cookieBasedAffinity | Cookie affinity | 'Disabled' 'Enabled' |
| port | Port | int |
| probe | Probe resource of application gateway | SubResource |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| requestTimeout | Request timeout | int |
ApplicationGatewayFrontendIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend IP configuration of application gateway | ApplicationGatewayFrontendIPConfigurationPropertiesFormat |
ApplicationGatewayFrontendIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| privateIPAddress | PrivateIPAddress of the Network Interface IP Configuration | string |
| privateIPAllocationMethod | PrivateIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| provisioningState | Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddress | Reference of the PublicIP resource | SubResource |
| subnet | Reference of the subnet resource | SubResource |
ApplicationGatewayFrontendPort
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend Port of application gateway | ApplicationGatewayFrontendPortPropertiesFormat |
ApplicationGatewayFrontendPortPropertiesFormat
| Name | Description | Value |
|---|---|---|
| port | Frontend port | int |
| provisioningState | Provisioning state of the frontend port resource Updating/Deleting/Failed | string |
ApplicationGatewayHttpListener
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Http listener of application gateway | ApplicationGatewayHttpListenerPropertiesFormat |
ApplicationGatewayHttpListenerPropertiesFormat
| Name | Description | Value |
|---|---|---|
| frontendIPConfiguration | Frontend IP configuration resource of application gateway | SubResource |
| frontendPort | Frontend port resource of application gateway | SubResource |
| hostName | Host name of http listener | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the http listener resource Updating/Deleting/Failed | string |
| requireServerNameIndication | RequireServerNameIndication of http listener | bool |
| sslCertificate | Ssl certificate resource of application gateway | SubResource |
ApplicationGatewayIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IP configuration of application gateway | ApplicationGatewayIPConfigurationPropertiesFormat |
ApplicationGatewayIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Provisioning state of the application gateway subnet resource Updating/Deleting/Failed | string |
| subnet | Reference of the subnet resource. A subnet from where application gateway gets its private address | SubResource |
ApplicationGatewayPathRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayPathRulePropertiesFormat |
ApplicationGatewayPathRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of URL path map | SubResource |
| backendHttpSettings | Backend http settings resource of URL path map | SubResource |
| paths | Path rules of URL path map | string[] |
| provisioningState | Path rule of URL path map resource Updating/Deleting/Failed | string |
ApplicationGatewayProbe
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayProbePropertiesFormat |
ApplicationGatewayProbePropertiesFormat
| Name | Description | Value |
|---|---|---|
| host | Host to send probe to | string |
| interval | Probing interval in seconds | int |
| path | Relative path of probe | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| timeout | Probing timeout in seconds | int |
| unhealthyThreshold | Probing unhealthy threshold | int |
ApplicationGatewayPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Authentication certificates of application gateway resource | ApplicationGatewayAuthenticationCertificate[] |
| backendAddressPools | Backend address pool of application gateway resource | ApplicationGatewayBackendAddressPool[] |
| backendHttpSettingsCollection | Backend http settings of application gateway resource | ApplicationGatewayBackendHttpSettings[] |
| frontendIPConfigurations | Frontend IP addresses of application gateway resource | ApplicationGatewayFrontendIPConfiguration[] |
| frontendPorts | Frontend ports of application gateway resource | ApplicationGatewayFrontendPort[] |
| gatewayIPConfigurations | Subnets of application gateway resource | ApplicationGatewayIPConfiguration[] |
| httpListeners | HTTP listeners of application gateway resource | ApplicationGatewayHttpListener[] |
| probes | Probes of application gateway resource | ApplicationGatewayProbe[] |
| provisioningState | Provisioning state of the ApplicationGateway resource Updating/Deleting/Failed | string |
| requestRoutingRules | Request routing rules of application gateway resource | ApplicationGatewayRequestRoutingRule[] |
| resourceGuid | Resource guid property of the ApplicationGateway resource | string |
| sku | Sku of application gateway resource | ApplicationGatewaySku |
| sslCertificates | SSL certificates of application gateway resource | ApplicationGatewaySslCertificate[] |
| sslPolicy | SSL policy of application gateway resource | ApplicationGatewaySslPolicy |
| urlPathMaps | URL path map of application gateway resource | ApplicationGatewayUrlPathMap[] |
ApplicationGatewayRequestRoutingRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Request routing rule of application gateway | ApplicationGatewayRequestRoutingRulePropertiesFormat |
ApplicationGatewayRequestRoutingRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of application gateway | SubResource |
| backendHttpSettings | Frontend port resource of application gateway | SubResource |
| httpListener | Http listener resource of application gateway | SubResource |
| provisioningState | Provisioning state of the request routing rule resource Updating/Deleting/Failed | string |
| ruleType | Rule type | 'Basic' 'PathBasedRouting' |
| urlPathMap | Url path map resource of application gateway | SubResource |
ApplicationGatewaySku
| Name | Description | Value |
|---|---|---|
| capacity | Capacity (instance count) of application gateway | int |
| name | Name of application gateway SKU | 'Standard_Large' 'Standard_Medium' 'Standard_Small' |
| tier | Tier of application gateway | 'Standard' |
ApplicationGatewaySslCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of SSL certificates of application gateway | ApplicationGatewaySslCertificatePropertiesFormat |
ApplicationGatewaySslCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | SSL Certificate data | string |
| password | SSL Certificate password | string |
| provisioningState | Provisioning state of the ssl certificate resource Updating/Deleting/Failed | string |
| publicCertData | SSL Certificate public data | string |
ApplicationGatewaySslPolicy
| Name | Description | Value |
|---|---|---|
| disabledSslProtocols | SSL protocols to be disabled on Application Gateway | String array containing any of: 'TLSv1_0' 'TLSv1_1' 'TLSv1_2' |
ApplicationGatewayUrlPathMap
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of UrlPathMap of application gateway | ApplicationGatewayUrlPathMapPropertiesFormat |
ApplicationGatewayUrlPathMapPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultBackendAddressPool | Default backend address pool resource of URL path map | SubResource |
| defaultBackendHttpSettings | Default backend http settings resource of URL path map | SubResource |
| pathRules | Path rule of URL path map resource | ApplicationGatewayPathRule[] |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
BackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of BackendAddressPool | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Get provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
InboundNatRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Inbound NAT rule | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendPort | Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API | int |
| enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint | bool |
| frontendIPConfiguration | Gets or sets a reference to frontend IP Addresses | SubResource |
| frontendPort | Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive | int |
| idleTimeoutInMinutes | Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp | int |
| protocol | Gets or sets the transport protocol for the endpoint. Possible values are Udp or Tcp | 'Tcp' 'Udp' |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
NetworkInterfaceIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IPConfiguration | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| applicationGatewayBackendAddressPools | Gets or sets the reference of ApplicationGatewayBackendAddressPool resource | ApplicationGatewayBackendAddressPool[] |
| loadBalancerBackendAddressPools | Gets or sets the reference of LoadBalancerBackendAddressPool resource | BackendAddressPool[] |
| loadBalancerInboundNatRules | Gets or sets list of references of LoadBalancerInboundNatRules | InboundNatRule[] |
| primary | Gets whether this is a primary customer address on the NIC | bool |
| privateIPAddress | string | |
| privateIPAddressVersion | Gets or sets PrivateIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| privateIPAllocationMethod | Gets or sets PrivateIP allocation method | 'Dynamic' 'Static' |
| provisioningState | string | |
| publicIPAddress | PublicIPAddress resource | PublicIPAddress |
| subnet | Subnet in a VirtualNetwork resource | Subnet |
NetworkSecurityGroup
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Network Security Group resource | NetworkSecurityGroupPropertiesFormat |
| tags | Resource tags | ResourceTags |
NetworkSecurityGroupPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultSecurityRules | Gets or default security rules of network security group | SecurityRule[] |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| resourceGuid | Gets or sets resource guid property of the network security group resource | string |
| securityRules | Gets or sets security rules of network security group | SecurityRule[] |
PublicIPAddress
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | PublicIpAddress properties | PublicIPAddressPropertiesFormat |
| tags | Resource tags | ResourceTags |
PublicIPAddressDnsSettings
| Name | Description | Value |
|---|---|---|
| domainNameLabel | Gets or sets the Domain name label.The concatenation of the ___domain name label and the regionalized DNS zone make up the fully qualified ___domain name associated with the public IP address. If a ___domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
| fqdn | Gets the FQDN, Fully qualified ___domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
| reverseFqdn | Gets or Sets the Reverse FQDN. A user-visible, fully qualified ___domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa ___domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
| Name | Description | Value |
|---|---|---|
| dnsSettings | Gets or sets FQDN of the DNS record associated with the public IP address | PublicIPAddressDnsSettings |
| idleTimeoutInMinutes | Gets or sets the idle timeout of the public IP address | int |
| ipAddress | string | |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddressVersion | Gets or sets PublicIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| publicIPAllocationMethod | Gets or sets PublicIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| resourceGuid | Gets or sets resource guid property of the PublicIP resource | string |
ResourceNavigationLink
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of ResourceNavigationLink | ResourceNavigationLinkFormat |
ResourceNavigationLinkFormat
| Name | Description | Value |
|---|---|---|
| link | Link to the external resource | string |
| linkedResourceType | Resource type of the linked resource | string |
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
Route
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Route resource | RoutePropertiesFormat |
RoutePropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets the destination CIDR to which the route applies. | string |
| nextHopIpAddress | Gets or sets the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
| nextHopType | Gets or sets the type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
RouteTable
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Route Table resource | RouteTablePropertiesFormat |
| tags | Resource tags | ResourceTags |
RouteTablePropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
| routes | Gets or sets Routes in a Route Table | Route[] |
SecurityRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
| description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
| destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
| destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
| direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
| priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
| protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
| sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
Subnet
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets or sets the name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SubnetPropertiesFormat |
SubnetPropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets Address prefix for the subnet. | string |
| networkSecurityGroup | Gets or sets the reference of the NetworkSecurityGroup resource | NetworkSecurityGroup |
| provisioningState | Gets provisioning state of the resource | string |
| resourceNavigationLinks | Gets array of references to the external resources using subnet | ResourceNavigationLink[] |
| routeTable | Gets or sets the reference of the RouteTable resource | RouteTable |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
Usage Examples
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| Application Gateway | AVM Resource Module for Application Gateway |
Azure Quickstart Samples
The following Azure Quickstart templates contain Bicep samples for deploying this resource type.
| Bicep File | Description |
|---|---|
| AKS Cluster with a NAT Gateway and an Application Gateway | This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller | This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Application Gateway for Url Path Based Routing | This template creates an Application Gateway and configures it for URL Path Based Routing. |
| Application Gateway with internal API Management and Web App | Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Application Gateway with WAF and firewall policy | This template creates an Application Gateway with WAF configured along with a firewall policy |
| Create a Web App, PE and Application Gateway v2 | This template creates an Azure Web App with Private endpoint in Azure Virtual Network Subnet , an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet). The Web App restricts access to traffic from the subnet using private endpoint |
| Create an Application Gateway v2 | This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend |
| Create an Azure Application Gateway v2 | This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool |
| Create an Azure WAF v2 on Azure Application Gateway | This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool |
| Create API Management in Internal VNet with App Gateway | This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create Application Gateway with Certificates | This template shows how to generate Key Vault self-signed certificates, then reference from Application Gateway. |
| Deploy a Windows VM scale set with Azure Application Gateway | This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs |
| Front Door Standard/Premium with Application Gateway origin | This template creates a Front Door Standard/Premium and an Application Gateway instance, and uses an NSG and WAF policy to validate that traffic has come through the Front Door origin. |
| Front Door with Container Instances and Application Gateway | This template creates a Front Door Standard/Premium with a container group and Application Gateway. |
ARM template resource definition
The applicationGateways resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/applicationGateways resource, add the following JSON to your template.
{
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2016-06-01",
"name": "string",
"etag": "string",
"___location": "string",
"properties": {
"authenticationCertificates": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"data": "string",
"provisioningState": "string"
}
}
],
"backendAddressPools": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"backendAddresses": [
{
"fqdn": "string",
"ipAddress": "string"
}
],
"backendIPConfigurations": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"applicationGatewayBackendAddressPools": [
...
],
"loadBalancerBackendAddressPools": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"provisioningState": "string"
}
}
],
"loadBalancerInboundNatRules": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"backendPort": "int",
"enableFloatingIP": "bool",
"frontendIPConfiguration": {
"id": "string"
},
"frontendPort": "int",
"idleTimeoutInMinutes": "int",
"protocol": "string",
"provisioningState": "string"
}
}
],
"primary": "bool",
"privateIPAddress": "string",
"privateIPAddressVersion": "string",
"privateIPAllocationMethod": "string",
"provisioningState": "string",
"publicIPAddress": {
"etag": "string",
"id": "string",
"___location": "string",
"properties": {
"dnsSettings": {
"domainNameLabel": "string",
"fqdn": "string",
"reverseFqdn": "string"
},
"idleTimeoutInMinutes": "int",
"ipAddress": "string",
"provisioningState": "string",
"publicIPAddressVersion": "string",
"publicIPAllocationMethod": "string",
"resourceGuid": "string"
},
"tags": {
"{customized property}": "string"
}
},
"subnet": {
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"networkSecurityGroup": {
"etag": "string",
"id": "string",
"___location": "string",
"properties": {
"defaultSecurityRules": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationPortRange": "string",
"direction": "string",
"priority": "int",
"protocol": "string",
"provisioningState": "string",
"sourceAddressPrefix": "string",
"sourcePortRange": "string"
}
}
],
"provisioningState": "string",
"resourceGuid": "string",
"securityRules": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationPortRange": "string",
"direction": "string",
"priority": "int",
"protocol": "string",
"provisioningState": "string",
"sourceAddressPrefix": "string",
"sourcePortRange": "string"
}
}
]
},
"tags": {
"{customized property}": "string"
}
},
"provisioningState": "string",
"resourceNavigationLinks": [
{
"id": "string",
"name": "string",
"properties": {
"link": "string",
"linkedResourceType": "string"
}
}
],
"routeTable": {
"etag": "string",
"id": "string",
"___location": "string",
"properties": {
"provisioningState": "string",
"routes": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"addressPrefix": "string",
"nextHopIpAddress": "string",
"nextHopType": "string",
"provisioningState": "string"
}
}
]
},
"tags": {
"{customized property}": "string"
}
}
}
}
}
}
],
"provisioningState": "string"
}
}
],
"backendHttpSettingsCollection": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"authenticationCertificates": [
{
"id": "string"
}
],
"cookieBasedAffinity": "string",
"port": "int",
"probe": {
"id": "string"
},
"protocol": "string",
"provisioningState": "string",
"requestTimeout": "int"
}
}
],
"frontendIPConfigurations": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"privateIPAddress": "string",
"privateIPAllocationMethod": "string",
"provisioningState": "string",
"publicIPAddress": {
"id": "string"
},
"subnet": {
"id": "string"
}
}
}
],
"frontendPorts": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"port": "int",
"provisioningState": "string"
}
}
],
"gatewayIPConfigurations": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"provisioningState": "string",
"subnet": {
"id": "string"
}
}
}
],
"httpListeners": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"frontendIPConfiguration": {
"id": "string"
},
"frontendPort": {
"id": "string"
},
"hostName": "string",
"protocol": "string",
"provisioningState": "string",
"requireServerNameIndication": "bool",
"sslCertificate": {
"id": "string"
}
}
}
],
"probes": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"host": "string",
"interval": "int",
"path": "string",
"protocol": "string",
"provisioningState": "string",
"timeout": "int",
"unhealthyThreshold": "int"
}
}
],
"provisioningState": "string",
"requestRoutingRules": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"backendAddressPool": {
"id": "string"
},
"backendHttpSettings": {
"id": "string"
},
"httpListener": {
"id": "string"
},
"provisioningState": "string",
"ruleType": "string",
"urlPathMap": {
"id": "string"
}
}
}
],
"resourceGuid": "string",
"sku": {
"capacity": "int",
"name": "string",
"tier": "string"
},
"sslCertificates": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"data": "string",
"password": "string",
"provisioningState": "string",
"publicCertData": "string"
}
}
],
"sslPolicy": {
"disabledSslProtocols": [ "string" ]
},
"urlPathMaps": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"defaultBackendAddressPool": {
"id": "string"
},
"defaultBackendHttpSettings": {
"id": "string"
},
"pathRules": [
{
"etag": "string",
"id": "string",
"name": "string",
"properties": {
"backendAddressPool": {
"id": "string"
},
"backendHttpSettings": {
"id": "string"
},
"paths": [ "string" ],
"provisioningState": "string"
}
}
],
"provisioningState": "string"
}
}
]
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.Network/applicationGateways
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2016-06-01' |
| etag | A unique read-only string that changes whenever the resource is updated | string |
| ___location | Resource ___location | string |
| name | The resource name | string (required) |
| properties | Properties of Application Gateway | ApplicationGatewayPropertiesFormat |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.Network/applicationGateways' |
ApplicationGatewayAuthenticationCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Authentication certificates of application gateway | ApplicationGatewayAuthenticationCertificatePropertiesFormat |
ApplicationGatewayAuthenticationCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | Certificate public data | string |
| provisioningState | Provisioning state of the authentication certificate resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendAddress
| Name | Description | Value |
|---|---|---|
| fqdn | Dns name | string |
| ipAddress | Ip address | string |
ApplicationGatewayBackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend Address Pool of application gateway | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddresses | Backend addresses | ApplicationGatewayBackendAddress[] |
| backendIPConfigurations | Collection of references to IPs defined in NICs | NetworkInterfaceIPConfiguration[] |
| provisioningState | Provisioning state of the backend address pool resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendHttpSettings
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend address pool settings of application gateway | ApplicationGatewayBackendHttpSettingsPropertiesFormat |
ApplicationGatewayBackendHttpSettingsPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Array of references to Application Gateway Authentication Certificates | SubResource[] |
| cookieBasedAffinity | Cookie affinity | 'Disabled' 'Enabled' |
| port | Port | int |
| probe | Probe resource of application gateway | SubResource |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| requestTimeout | Request timeout | int |
ApplicationGatewayFrontendIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend IP configuration of application gateway | ApplicationGatewayFrontendIPConfigurationPropertiesFormat |
ApplicationGatewayFrontendIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| privateIPAddress | PrivateIPAddress of the Network Interface IP Configuration | string |
| privateIPAllocationMethod | PrivateIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| provisioningState | Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddress | Reference of the PublicIP resource | SubResource |
| subnet | Reference of the subnet resource | SubResource |
ApplicationGatewayFrontendPort
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend Port of application gateway | ApplicationGatewayFrontendPortPropertiesFormat |
ApplicationGatewayFrontendPortPropertiesFormat
| Name | Description | Value |
|---|---|---|
| port | Frontend port | int |
| provisioningState | Provisioning state of the frontend port resource Updating/Deleting/Failed | string |
ApplicationGatewayHttpListener
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Http listener of application gateway | ApplicationGatewayHttpListenerPropertiesFormat |
ApplicationGatewayHttpListenerPropertiesFormat
| Name | Description | Value |
|---|---|---|
| frontendIPConfiguration | Frontend IP configuration resource of application gateway | SubResource |
| frontendPort | Frontend port resource of application gateway | SubResource |
| hostName | Host name of http listener | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the http listener resource Updating/Deleting/Failed | string |
| requireServerNameIndication | RequireServerNameIndication of http listener | bool |
| sslCertificate | Ssl certificate resource of application gateway | SubResource |
ApplicationGatewayIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IP configuration of application gateway | ApplicationGatewayIPConfigurationPropertiesFormat |
ApplicationGatewayIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Provisioning state of the application gateway subnet resource Updating/Deleting/Failed | string |
| subnet | Reference of the subnet resource. A subnet from where application gateway gets its private address | SubResource |
ApplicationGatewayPathRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayPathRulePropertiesFormat |
ApplicationGatewayPathRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of URL path map | SubResource |
| backendHttpSettings | Backend http settings resource of URL path map | SubResource |
| paths | Path rules of URL path map | string[] |
| provisioningState | Path rule of URL path map resource Updating/Deleting/Failed | string |
ApplicationGatewayProbe
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayProbePropertiesFormat |
ApplicationGatewayProbePropertiesFormat
| Name | Description | Value |
|---|---|---|
| host | Host to send probe to | string |
| interval | Probing interval in seconds | int |
| path | Relative path of probe | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| timeout | Probing timeout in seconds | int |
| unhealthyThreshold | Probing unhealthy threshold | int |
ApplicationGatewayPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Authentication certificates of application gateway resource | ApplicationGatewayAuthenticationCertificate[] |
| backendAddressPools | Backend address pool of application gateway resource | ApplicationGatewayBackendAddressPool[] |
| backendHttpSettingsCollection | Backend http settings of application gateway resource | ApplicationGatewayBackendHttpSettings[] |
| frontendIPConfigurations | Frontend IP addresses of application gateway resource | ApplicationGatewayFrontendIPConfiguration[] |
| frontendPorts | Frontend ports of application gateway resource | ApplicationGatewayFrontendPort[] |
| gatewayIPConfigurations | Subnets of application gateway resource | ApplicationGatewayIPConfiguration[] |
| httpListeners | HTTP listeners of application gateway resource | ApplicationGatewayHttpListener[] |
| probes | Probes of application gateway resource | ApplicationGatewayProbe[] |
| provisioningState | Provisioning state of the ApplicationGateway resource Updating/Deleting/Failed | string |
| requestRoutingRules | Request routing rules of application gateway resource | ApplicationGatewayRequestRoutingRule[] |
| resourceGuid | Resource guid property of the ApplicationGateway resource | string |
| sku | Sku of application gateway resource | ApplicationGatewaySku |
| sslCertificates | SSL certificates of application gateway resource | ApplicationGatewaySslCertificate[] |
| sslPolicy | SSL policy of application gateway resource | ApplicationGatewaySslPolicy |
| urlPathMaps | URL path map of application gateway resource | ApplicationGatewayUrlPathMap[] |
ApplicationGatewayRequestRoutingRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Request routing rule of application gateway | ApplicationGatewayRequestRoutingRulePropertiesFormat |
ApplicationGatewayRequestRoutingRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of application gateway | SubResource |
| backendHttpSettings | Frontend port resource of application gateway | SubResource |
| httpListener | Http listener resource of application gateway | SubResource |
| provisioningState | Provisioning state of the request routing rule resource Updating/Deleting/Failed | string |
| ruleType | Rule type | 'Basic' 'PathBasedRouting' |
| urlPathMap | Url path map resource of application gateway | SubResource |
ApplicationGatewaySku
| Name | Description | Value |
|---|---|---|
| capacity | Capacity (instance count) of application gateway | int |
| name | Name of application gateway SKU | 'Standard_Large' 'Standard_Medium' 'Standard_Small' |
| tier | Tier of application gateway | 'Standard' |
ApplicationGatewaySslCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of SSL certificates of application gateway | ApplicationGatewaySslCertificatePropertiesFormat |
ApplicationGatewaySslCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | SSL Certificate data | string |
| password | SSL Certificate password | string |
| provisioningState | Provisioning state of the ssl certificate resource Updating/Deleting/Failed | string |
| publicCertData | SSL Certificate public data | string |
ApplicationGatewaySslPolicy
| Name | Description | Value |
|---|---|---|
| disabledSslProtocols | SSL protocols to be disabled on Application Gateway | String array containing any of: 'TLSv1_0' 'TLSv1_1' 'TLSv1_2' |
ApplicationGatewayUrlPathMap
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of UrlPathMap of application gateway | ApplicationGatewayUrlPathMapPropertiesFormat |
ApplicationGatewayUrlPathMapPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultBackendAddressPool | Default backend address pool resource of URL path map | SubResource |
| defaultBackendHttpSettings | Default backend http settings resource of URL path map | SubResource |
| pathRules | Path rule of URL path map resource | ApplicationGatewayPathRule[] |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
BackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of BackendAddressPool | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Get provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
InboundNatRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Inbound NAT rule | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendPort | Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API | int |
| enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint | bool |
| frontendIPConfiguration | Gets or sets a reference to frontend IP Addresses | SubResource |
| frontendPort | Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive | int |
| idleTimeoutInMinutes | Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp | int |
| protocol | Gets or sets the transport protocol for the endpoint. Possible values are Udp or Tcp | 'Tcp' 'Udp' |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
NetworkInterfaceIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IPConfiguration | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| applicationGatewayBackendAddressPools | Gets or sets the reference of ApplicationGatewayBackendAddressPool resource | ApplicationGatewayBackendAddressPool[] |
| loadBalancerBackendAddressPools | Gets or sets the reference of LoadBalancerBackendAddressPool resource | BackendAddressPool[] |
| loadBalancerInboundNatRules | Gets or sets list of references of LoadBalancerInboundNatRules | InboundNatRule[] |
| primary | Gets whether this is a primary customer address on the NIC | bool |
| privateIPAddress | string | |
| privateIPAddressVersion | Gets or sets PrivateIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| privateIPAllocationMethod | Gets or sets PrivateIP allocation method | 'Dynamic' 'Static' |
| provisioningState | string | |
| publicIPAddress | PublicIPAddress resource | PublicIPAddress |
| subnet | Subnet in a VirtualNetwork resource | Subnet |
NetworkSecurityGroup
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Network Security Group resource | NetworkSecurityGroupPropertiesFormat |
| tags | Resource tags | ResourceTags |
NetworkSecurityGroupPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultSecurityRules | Gets or default security rules of network security group | SecurityRule[] |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| resourceGuid | Gets or sets resource guid property of the network security group resource | string |
| securityRules | Gets or sets security rules of network security group | SecurityRule[] |
PublicIPAddress
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | PublicIpAddress properties | PublicIPAddressPropertiesFormat |
| tags | Resource tags | ResourceTags |
PublicIPAddressDnsSettings
| Name | Description | Value |
|---|---|---|
| domainNameLabel | Gets or sets the Domain name label.The concatenation of the ___domain name label and the regionalized DNS zone make up the fully qualified ___domain name associated with the public IP address. If a ___domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
| fqdn | Gets the FQDN, Fully qualified ___domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
| reverseFqdn | Gets or Sets the Reverse FQDN. A user-visible, fully qualified ___domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa ___domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
| Name | Description | Value |
|---|---|---|
| dnsSettings | Gets or sets FQDN of the DNS record associated with the public IP address | PublicIPAddressDnsSettings |
| idleTimeoutInMinutes | Gets or sets the idle timeout of the public IP address | int |
| ipAddress | string | |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddressVersion | Gets or sets PublicIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| publicIPAllocationMethod | Gets or sets PublicIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| resourceGuid | Gets or sets resource guid property of the PublicIP resource | string |
ResourceNavigationLink
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of ResourceNavigationLink | ResourceNavigationLinkFormat |
ResourceNavigationLinkFormat
| Name | Description | Value |
|---|---|---|
| link | Link to the external resource | string |
| linkedResourceType | Resource type of the linked resource | string |
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
Route
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Route resource | RoutePropertiesFormat |
RoutePropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets the destination CIDR to which the route applies. | string |
| nextHopIpAddress | Gets or sets the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
| nextHopType | Gets or sets the type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
RouteTable
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Route Table resource | RouteTablePropertiesFormat |
| tags | Resource tags | ResourceTags |
RouteTablePropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
| routes | Gets or sets Routes in a Route Table | Route[] |
SecurityRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
| description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
| destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
| destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
| direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
| priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
| protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
| sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
Subnet
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets or sets the name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SubnetPropertiesFormat |
SubnetPropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets Address prefix for the subnet. | string |
| networkSecurityGroup | Gets or sets the reference of the NetworkSecurityGroup resource | NetworkSecurityGroup |
| provisioningState | Gets provisioning state of the resource | string |
| resourceNavigationLinks | Gets array of references to the external resources using subnet | ResourceNavigationLink[] |
| routeTable | Gets or sets the reference of the RouteTable resource | RouteTable |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
| Template | Description |
|---|---|
AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| App Gateway with WAF, SSL, IIS and HTTPS redirection |
This template deploys an Application Gateway with WAF, end to end SSL and HTTP to HTTPS redirect on the IIS servers. |
| Application Gateway for a Web App with IP Restriction |
This template creates an application gateway in front of an Azure Web App with IP restriction enabled on the Web App. |
| Application Gateway for Multi Hosting |
This template creates an Application Gateway and configures it for Multi Hosting on port 443. |
| Application Gateway for Url Path Based Routing |
This template creates an Application Gateway and configures it for URL Path Based Routing. |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Application Gateway with WAF and firewall policy |
This template creates an Application Gateway with WAF configured along with a firewall policy |
| Autoscale LANSA Windows VM ScaleSet with Azure SQL Database |
The template deploys a Windows VMSS with a desired count of VMs in the scale set and a LANSA MSI to install into each VM. Once the VM Scale Set is deployed a custom script extension is used to install the LANSA MSI) |
| Azure Application Gateway Demo Setup |
This template allows you to quickly deploy Azure Application Gateway demo to test load-balancing with or without cookie-based affinity. |
| Create a Web App protected by Application Gateway v2 |
This template creates an Azure Web App with Access Restriction for an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet) which has a 'Microsoft.Web' Service Endpoint enabled. The Web App restricts access to traffic from the subnet. |
| Create a Web App, PE and Application Gateway v2 |
This template creates an Azure Web App with Private endpoint in Azure Virtual Network Subnet , an Application Gateway v2. The Application Gateway is deployed in a vNet (subnet). The Web App restricts access to traffic from the subnet using private endpoint |
| Create a WordPress site in a virtual network |
This template creates a WordPress site on Container Instance in a virtual network. And output a public site FQDN which could access WordPress site. |
| Create an Application Gateway |
This template creates an application gateway in a virtual network and sets up load balancing rules for any number of virtual machines |
| Create an Application Gateway (Custom SSL) |
This template deploys an Application Gateway configured with a custom ssl policy. |
| Create an Application Gateway (SSL Policy) |
This template deploys an Application Gateway configured with a predefined ssl policy. |
| Create an Application Gateway (WAF) |
This template creates an application gateway with Web Application Firewall functionality in a virtual network and sets up load balancing rules for any number of virtual machines |
| Create an Application Gateway for WebApps |
This template creates an application gateway in front of two Azure Web Apps with a custom probe enabled. |
| Create an Application Gateway v2 |
This template creates an application gateway v2 in a virtual network and sets up auto scaling properties and an HTTP load-balancing rule with public frontend |
| Create an Application Gateway V2 with Key Vault |
This template deploys an Application Gateway V2 in a Virtual Network, a user defined identity, Key Vault, a secret (cert data), and access policy on Key Vault and Application Gateway. |
| Create an Application Gateway with Path Override |
This template deploys an Application Gateway and shows usage of the path override feature for a backend address pool. |
| Create an Application Gateway with Probe |
This template deploys an Application Gateway with enhanced probe functionality. |
| Create an Application Gateway with Public IP |
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Http Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers. |
| Create an Application Gateway with Public IP (Offload) |
This template creates an Application Gateway, Public IP address for the Application Gateway, and the Virtual Network in which Application Gateway is deployed. Also configures Application Gateway for Ssl Offload and Load balancing with Two backend servers. Note that you have to specify valid IPs for backend servers. |
| Create an Application Gateway with Redirect |
This template creates an application gateway with Redirect functionalities in a virtual network and sets up load balancing and redirect rules (basic and pathbased) |
| Create an Application Gateway with Rewrite |
This template creates an application gateway with Rewrite functionalities in a virtual network and sets up load balancing, rewrite rules |
| Create an Azure Application Gateway v2 |
This template creates an Azure Application Gateway with two Windows Server 2016 servers in the backend pool |
| Create an Azure WAF v2 on Azure Application Gateway |
This template creates an Azure Web Application Firewall v2 on Azure Application Gateway with two Windows Server 2016 servers in the backend pool |
| Create an IPv6 Application Gateway |
This template creates an application gateway with an IPv6 frontend in a dual-stack virtual network. |
| Create API Management in Internal VNet with App Gateway |
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create Application Gateway with Certificates |
This template shows how to generate Key Vault self-signed certificates, then reference from Application Gateway. |
| Deploy a Windows VM scale set with Azure Application Gateway |
This template allows you to deploy a simple Windows VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs |
| Deploy an Ubuntu VM scale set with Azure Application Gateway |
This template allows you to deploy a simple Ubuntu VM Scale Set integrated with Azure Application Gateway, and supports up to 1000 VMs |
| eShop Website with ILB ASE |
An App Service Environment is a Premium service plan option of Azure App Service that provides a fully isolated and dedicated environment for securely running Azure App Service apps at high scale, including Web Apps, Mobile Apps, and API Apps. |
| Front Door Standard/Premium with Application Gateway origin |
This template creates a Front Door Standard/Premium and an Application Gateway instance, and uses an NSG and WAF policy to validate that traffic has come through the Front Door origin. |
| Front Door with Container Instances and Application Gateway |
This template creates a Front Door Standard/Premium with a container group and Application Gateway. |
| Multi tier App with NSG, ILB, AppGateway |
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing |
| Multi tier traffic manager, L4 ILB, L7 AppGateway |
This template deploys a Virtual Network, segregates the network through subnets, deploys VMs and configures load balancing |
Terraform (AzAPI provider) resource definition
The applicationGateways resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Network/applicationGateways resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/applicationGateways@2016-06-01"
name = "string"
parent_id = "string"
___location = "string"
tags = {
{customized property} = "string"
}
body = {
etag = "string"
properties = {
authenticationCertificates = [
{
etag = "string"
id = "string"
name = "string"
properties = {
data = "string"
provisioningState = "string"
}
}
]
backendAddressPools = [
{
etag = "string"
id = "string"
name = "string"
properties = {
backendAddresses = [
{
fqdn = "string"
ipAddress = "string"
}
]
backendIPConfigurations = [
{
etag = "string"
id = "string"
name = "string"
properties = {
applicationGatewayBackendAddressPools = [
...
]
loadBalancerBackendAddressPools = [
{
etag = "string"
id = "string"
name = "string"
properties = {
provisioningState = "string"
}
}
]
loadBalancerInboundNatRules = [
{
etag = "string"
id = "string"
name = "string"
properties = {
backendPort = int
enableFloatingIP = bool
frontendIPConfiguration = {
id = "string"
}
frontendPort = int
idleTimeoutInMinutes = int
protocol = "string"
provisioningState = "string"
}
}
]
primary = bool
privateIPAddress = "string"
privateIPAddressVersion = "string"
privateIPAllocationMethod = "string"
provisioningState = "string"
publicIPAddress = {
etag = "string"
id = "string"
___location = "string"
properties = {
dnsSettings = {
domainNameLabel = "string"
fqdn = "string"
reverseFqdn = "string"
}
idleTimeoutInMinutes = int
ipAddress = "string"
provisioningState = "string"
publicIPAddressVersion = "string"
publicIPAllocationMethod = "string"
resourceGuid = "string"
}
tags = {
{customized property} = "string"
}
}
subnet = {
etag = "string"
id = "string"
name = "string"
properties = {
addressPrefix = "string"
networkSecurityGroup = {
etag = "string"
id = "string"
___location = "string"
properties = {
defaultSecurityRules = [
{
etag = "string"
id = "string"
name = "string"
properties = {
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationPortRange = "string"
direction = "string"
priority = int
protocol = "string"
provisioningState = "string"
sourceAddressPrefix = "string"
sourcePortRange = "string"
}
}
]
provisioningState = "string"
resourceGuid = "string"
securityRules = [
{
etag = "string"
id = "string"
name = "string"
properties = {
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationPortRange = "string"
direction = "string"
priority = int
protocol = "string"
provisioningState = "string"
sourceAddressPrefix = "string"
sourcePortRange = "string"
}
}
]
}
tags = {
{customized property} = "string"
}
}
provisioningState = "string"
resourceNavigationLinks = [
{
id = "string"
name = "string"
properties = {
link = "string"
linkedResourceType = "string"
}
}
]
routeTable = {
etag = "string"
id = "string"
___location = "string"
properties = {
provisioningState = "string"
routes = [
{
etag = "string"
id = "string"
name = "string"
properties = {
addressPrefix = "string"
nextHopIpAddress = "string"
nextHopType = "string"
provisioningState = "string"
}
}
]
}
tags = {
{customized property} = "string"
}
}
}
}
}
}
]
provisioningState = "string"
}
}
]
backendHttpSettingsCollection = [
{
etag = "string"
id = "string"
name = "string"
properties = {
authenticationCertificates = [
{
id = "string"
}
]
cookieBasedAffinity = "string"
port = int
probe = {
id = "string"
}
protocol = "string"
provisioningState = "string"
requestTimeout = int
}
}
]
frontendIPConfigurations = [
{
etag = "string"
id = "string"
name = "string"
properties = {
privateIPAddress = "string"
privateIPAllocationMethod = "string"
provisioningState = "string"
publicIPAddress = {
id = "string"
}
subnet = {
id = "string"
}
}
}
]
frontendPorts = [
{
etag = "string"
id = "string"
name = "string"
properties = {
port = int
provisioningState = "string"
}
}
]
gatewayIPConfigurations = [
{
etag = "string"
id = "string"
name = "string"
properties = {
provisioningState = "string"
subnet = {
id = "string"
}
}
}
]
httpListeners = [
{
etag = "string"
id = "string"
name = "string"
properties = {
frontendIPConfiguration = {
id = "string"
}
frontendPort = {
id = "string"
}
hostName = "string"
protocol = "string"
provisioningState = "string"
requireServerNameIndication = bool
sslCertificate = {
id = "string"
}
}
}
]
probes = [
{
etag = "string"
id = "string"
name = "string"
properties = {
host = "string"
interval = int
path = "string"
protocol = "string"
provisioningState = "string"
timeout = int
unhealthyThreshold = int
}
}
]
provisioningState = "string"
requestRoutingRules = [
{
etag = "string"
id = "string"
name = "string"
properties = {
backendAddressPool = {
id = "string"
}
backendHttpSettings = {
id = "string"
}
httpListener = {
id = "string"
}
provisioningState = "string"
ruleType = "string"
urlPathMap = {
id = "string"
}
}
}
]
resourceGuid = "string"
sku = {
capacity = int
name = "string"
tier = "string"
}
sslCertificates = [
{
etag = "string"
id = "string"
name = "string"
properties = {
data = "string"
password = "string"
provisioningState = "string"
publicCertData = "string"
}
}
]
sslPolicy = {
disabledSslProtocols = [
"string"
]
}
urlPathMaps = [
{
etag = "string"
id = "string"
name = "string"
properties = {
defaultBackendAddressPool = {
id = "string"
}
defaultBackendHttpSettings = {
id = "string"
}
pathRules = [
{
etag = "string"
id = "string"
name = "string"
properties = {
backendAddressPool = {
id = "string"
}
backendHttpSettings = {
id = "string"
}
paths = [
"string"
]
provisioningState = "string"
}
}
]
provisioningState = "string"
}
}
]
}
}
}
Property Values
Microsoft.Network/applicationGateways
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| ___location | Resource ___location | string |
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties of Application Gateway | ApplicationGatewayPropertiesFormat |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.Network/applicationGateways@2016-06-01" |
ApplicationGatewayAuthenticationCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Authentication certificates of application gateway | ApplicationGatewayAuthenticationCertificatePropertiesFormat |
ApplicationGatewayAuthenticationCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | Certificate public data | string |
| provisioningState | Provisioning state of the authentication certificate resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendAddress
| Name | Description | Value |
|---|---|---|
| fqdn | Dns name | string |
| ipAddress | Ip address | string |
ApplicationGatewayBackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend Address Pool of application gateway | ApplicationGatewayBackendAddressPoolPropertiesFormat |
ApplicationGatewayBackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddresses | Backend addresses | ApplicationGatewayBackendAddress[] |
| backendIPConfigurations | Collection of references to IPs defined in NICs | NetworkInterfaceIPConfiguration[] |
| provisioningState | Provisioning state of the backend address pool resource Updating/Deleting/Failed | string |
ApplicationGatewayBackendHttpSettings
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Backend address pool settings of application gateway | ApplicationGatewayBackendHttpSettingsPropertiesFormat |
ApplicationGatewayBackendHttpSettingsPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Array of references to Application Gateway Authentication Certificates | SubResource[] |
| cookieBasedAffinity | Cookie affinity | 'Disabled' 'Enabled' |
| port | Port | int |
| probe | Probe resource of application gateway | SubResource |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| requestTimeout | Request timeout | int |
ApplicationGatewayFrontendIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend IP configuration of application gateway | ApplicationGatewayFrontendIPConfigurationPropertiesFormat |
ApplicationGatewayFrontendIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| privateIPAddress | PrivateIPAddress of the Network Interface IP Configuration | string |
| privateIPAllocationMethod | PrivateIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| provisioningState | Provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddress | Reference of the PublicIP resource | SubResource |
| subnet | Reference of the subnet resource | SubResource |
ApplicationGatewayFrontendPort
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Frontend Port of application gateway | ApplicationGatewayFrontendPortPropertiesFormat |
ApplicationGatewayFrontendPortPropertiesFormat
| Name | Description | Value |
|---|---|---|
| port | Frontend port | int |
| provisioningState | Provisioning state of the frontend port resource Updating/Deleting/Failed | string |
ApplicationGatewayHttpListener
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Http listener of application gateway | ApplicationGatewayHttpListenerPropertiesFormat |
ApplicationGatewayHttpListenerPropertiesFormat
| Name | Description | Value |
|---|---|---|
| frontendIPConfiguration | Frontend IP configuration resource of application gateway | SubResource |
| frontendPort | Frontend port resource of application gateway | SubResource |
| hostName | Host name of http listener | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the http listener resource Updating/Deleting/Failed | string |
| requireServerNameIndication | RequireServerNameIndication of http listener | bool |
| sslCertificate | Ssl certificate resource of application gateway | SubResource |
ApplicationGatewayIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IP configuration of application gateway | ApplicationGatewayIPConfigurationPropertiesFormat |
ApplicationGatewayIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Provisioning state of the application gateway subnet resource Updating/Deleting/Failed | string |
| subnet | Reference of the subnet resource. A subnet from where application gateway gets its private address | SubResource |
ApplicationGatewayPathRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayPathRulePropertiesFormat |
ApplicationGatewayPathRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of URL path map | SubResource |
| backendHttpSettings | Backend http settings resource of URL path map | SubResource |
| paths | Path rules of URL path map | string[] |
| provisioningState | Path rule of URL path map resource Updating/Deleting/Failed | string |
ApplicationGatewayProbe
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of probe of application gateway | ApplicationGatewayProbePropertiesFormat |
ApplicationGatewayProbePropertiesFormat
| Name | Description | Value |
|---|---|---|
| host | Host to send probe to | string |
| interval | Probing interval in seconds | int |
| path | Relative path of probe | string |
| protocol | Protocol | 'Http' 'Https' |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
| timeout | Probing timeout in seconds | int |
| unhealthyThreshold | Probing unhealthy threshold | int |
ApplicationGatewayPropertiesFormat
| Name | Description | Value |
|---|---|---|
| authenticationCertificates | Authentication certificates of application gateway resource | ApplicationGatewayAuthenticationCertificate[] |
| backendAddressPools | Backend address pool of application gateway resource | ApplicationGatewayBackendAddressPool[] |
| backendHttpSettingsCollection | Backend http settings of application gateway resource | ApplicationGatewayBackendHttpSettings[] |
| frontendIPConfigurations | Frontend IP addresses of application gateway resource | ApplicationGatewayFrontendIPConfiguration[] |
| frontendPorts | Frontend ports of application gateway resource | ApplicationGatewayFrontendPort[] |
| gatewayIPConfigurations | Subnets of application gateway resource | ApplicationGatewayIPConfiguration[] |
| httpListeners | HTTP listeners of application gateway resource | ApplicationGatewayHttpListener[] |
| probes | Probes of application gateway resource | ApplicationGatewayProbe[] |
| provisioningState | Provisioning state of the ApplicationGateway resource Updating/Deleting/Failed | string |
| requestRoutingRules | Request routing rules of application gateway resource | ApplicationGatewayRequestRoutingRule[] |
| resourceGuid | Resource guid property of the ApplicationGateway resource | string |
| sku | Sku of application gateway resource | ApplicationGatewaySku |
| sslCertificates | SSL certificates of application gateway resource | ApplicationGatewaySslCertificate[] |
| sslPolicy | SSL policy of application gateway resource | ApplicationGatewaySslPolicy |
| urlPathMaps | URL path map of application gateway resource | ApplicationGatewayUrlPathMap[] |
ApplicationGatewayRequestRoutingRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Request routing rule of application gateway | ApplicationGatewayRequestRoutingRulePropertiesFormat |
ApplicationGatewayRequestRoutingRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendAddressPool | Backend address pool resource of application gateway | SubResource |
| backendHttpSettings | Frontend port resource of application gateway | SubResource |
| httpListener | Http listener resource of application gateway | SubResource |
| provisioningState | Provisioning state of the request routing rule resource Updating/Deleting/Failed | string |
| ruleType | Rule type | 'Basic' 'PathBasedRouting' |
| urlPathMap | Url path map resource of application gateway | SubResource |
ApplicationGatewaySku
| Name | Description | Value |
|---|---|---|
| capacity | Capacity (instance count) of application gateway | int |
| name | Name of application gateway SKU | 'Standard_Large' 'Standard_Medium' 'Standard_Small' |
| tier | Tier of application gateway | 'Standard' |
ApplicationGatewaySslCertificate
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of SSL certificates of application gateway | ApplicationGatewaySslCertificatePropertiesFormat |
ApplicationGatewaySslCertificatePropertiesFormat
| Name | Description | Value |
|---|---|---|
| data | SSL Certificate data | string |
| password | SSL Certificate password | string |
| provisioningState | Provisioning state of the ssl certificate resource Updating/Deleting/Failed | string |
| publicCertData | SSL Certificate public data | string |
ApplicationGatewaySslPolicy
| Name | Description | Value |
|---|---|---|
| disabledSslProtocols | SSL protocols to be disabled on Application Gateway | String array containing any of: 'TLSv1_0' 'TLSv1_1' 'TLSv1_2' |
ApplicationGatewayUrlPathMap
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of UrlPathMap of application gateway | ApplicationGatewayUrlPathMapPropertiesFormat |
ApplicationGatewayUrlPathMapPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultBackendAddressPool | Default backend address pool resource of URL path map | SubResource |
| defaultBackendHttpSettings | Default backend http settings resource of URL path map | SubResource |
| pathRules | Path rule of URL path map resource | ApplicationGatewayPathRule[] |
| provisioningState | Provisioning state of the backend http settings resource Updating/Deleting/Failed | string |
BackendAddressPool
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of BackendAddressPool | BackendAddressPoolPropertiesFormat |
BackendAddressPoolPropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Get provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
InboundNatRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of Inbound NAT rule | InboundNatRulePropertiesFormat |
InboundNatRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| backendPort | Gets or sets a port used for internal connections on the endpoint. The localPort attribute maps the eternal port of the endpoint to an internal port on a role. This is useful in scenarios where a role must communicate to an internal component on a port that is different from the one that is exposed externally. If not specified, the value of localPort is the same as the port attribute. Set the value of localPort to '*' to automatically assign an unallocated port that is discoverable using the runtime API | int |
| enableFloatingIP | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn availability Group. This setting is required when using the SQL Always ON availability Groups in SQL server. This setting can't be changed after you create the endpoint | bool |
| frontendIPConfiguration | Gets or sets a reference to frontend IP Addresses | SubResource |
| frontendPort | Gets or sets the port for the external endpoint. You can specify any port number you choose, but the port numbers specified for each role in the service must be unique. Possible values range between 1 and 65535, inclusive | int |
| idleTimeoutInMinutes | Gets or sets the timeout for the Tcp idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to Tcp | int |
| protocol | Gets or sets the transport protocol for the endpoint. Possible values are Udp or Tcp | 'Tcp' 'Udp' |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
NetworkInterfaceIPConfiguration
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of IPConfiguration | NetworkInterfaceIPConfigurationPropertiesFormat |
NetworkInterfaceIPConfigurationPropertiesFormat
| Name | Description | Value |
|---|---|---|
| applicationGatewayBackendAddressPools | Gets or sets the reference of ApplicationGatewayBackendAddressPool resource | ApplicationGatewayBackendAddressPool[] |
| loadBalancerBackendAddressPools | Gets or sets the reference of LoadBalancerBackendAddressPool resource | BackendAddressPool[] |
| loadBalancerInboundNatRules | Gets or sets list of references of LoadBalancerInboundNatRules | InboundNatRule[] |
| primary | Gets whether this is a primary customer address on the NIC | bool |
| privateIPAddress | string | |
| privateIPAddressVersion | Gets or sets PrivateIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| privateIPAllocationMethod | Gets or sets PrivateIP allocation method | 'Dynamic' 'Static' |
| provisioningState | string | |
| publicIPAddress | PublicIPAddress resource | PublicIPAddress |
| subnet | Subnet in a VirtualNetwork resource | Subnet |
NetworkSecurityGroup
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Network Security Group resource | NetworkSecurityGroupPropertiesFormat |
| tags | Resource tags | ResourceTags |
NetworkSecurityGroupPropertiesFormat
| Name | Description | Value |
|---|---|---|
| defaultSecurityRules | Gets or default security rules of network security group | SecurityRule[] |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| resourceGuid | Gets or sets resource guid property of the network security group resource | string |
| securityRules | Gets or sets security rules of network security group | SecurityRule[] |
PublicIPAddress
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | PublicIpAddress properties | PublicIPAddressPropertiesFormat |
| tags | Resource tags | ResourceTags |
PublicIPAddressDnsSettings
| Name | Description | Value |
|---|---|---|
| domainNameLabel | Gets or sets the Domain name label.The concatenation of the ___domain name label and the regionalized DNS zone make up the fully qualified ___domain name associated with the public IP address. If a ___domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
| fqdn | Gets the FQDN, Fully qualified ___domain name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | string |
| reverseFqdn | Gets or Sets the Reverse FQDN. A user-visible, fully qualified ___domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa ___domain to the reverse FQDN. | string |
PublicIPAddressPropertiesFormat
| Name | Description | Value |
|---|---|---|
| dnsSettings | Gets or sets FQDN of the DNS record associated with the public IP address | PublicIPAddressDnsSettings |
| idleTimeoutInMinutes | Gets or sets the idle timeout of the public IP address | int |
| ipAddress | string | |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| publicIPAddressVersion | Gets or sets PublicIP address version (IPv4/IPv6) | 'IPv4' 'IPv6' |
| publicIPAllocationMethod | Gets or sets PublicIP allocation method (Static/Dynamic) | 'Dynamic' 'Static' |
| resourceGuid | Gets or sets resource guid property of the PublicIP resource | string |
ResourceNavigationLink
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
| name | Name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Properties of ResourceNavigationLink | ResourceNavigationLinkFormat |
ResourceNavigationLinkFormat
| Name | Description | Value |
|---|---|---|
| link | Link to the external resource | string |
| linkedResourceType | Resource type of the linked resource | string |
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
ResourceTags
| Name | Description | Value |
|---|
Route
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | Route resource | RoutePropertiesFormat |
RoutePropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets the destination CIDR to which the route applies. | string |
| nextHopIpAddress | Gets or sets the IP address packets should be forwarded to. Next hop values are only allowed in routes where the next hop type is VirtualAppliance. | string |
| nextHopType | Gets or sets the type of Azure hop the packet should be sent to. | 'Internet' 'None' 'VirtualAppliance' 'VirtualNetworkGateway' 'VnetLocal' (required) |
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
RouteTable
| Name | Description | Value |
|---|---|---|
| etag | Gets a unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| ___location | Resource ___location | string |
| properties | Route Table resource | RouteTablePropertiesFormat |
| tags | Resource tags | ResourceTags |
RouteTablePropertiesFormat
| Name | Description | Value |
|---|---|---|
| provisioningState | Gets provisioning state of the resource Updating/Deleting/Failed | string |
| routes | Gets or sets Routes in a Route Table | Route[] |
SecurityRule
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SecurityRulePropertiesFormat |
SecurityRulePropertiesFormat
| Name | Description | Value |
|---|---|---|
| access | Gets or sets network traffic is allowed or denied. Possible values are 'Allow' and 'Deny' | 'Allow' 'Deny' (required) |
| description | Gets or sets a description for this rule. Restricted to 140 chars. | string |
| destinationAddressPrefix | Gets or sets destination address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string (required) |
| destinationPortRange | Gets or sets Destination Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
| direction | Gets or sets the direction of the rule.InBound or Outbound. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | 'Inbound' 'Outbound' (required) |
| priority | Gets or sets the priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int |
| protocol | Gets or sets Network protocol this rule applies to. Can be Tcp, Udp or All(*). | '*' 'Tcp' 'Udp' (required) |
| provisioningState | Gets provisioning state of the PublicIP resource Updating/Deleting/Failed | string |
| sourceAddressPrefix | Gets or sets source address prefix. CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string (required) |
| sourcePortRange | Gets or sets Source Port or Range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
Subnet
| Name | Description | Value |
|---|---|---|
| etag | A unique read-only string that changes whenever the resource is updated | string |
| id | Resource Id | string |
| name | Gets or sets the name of the resource that is unique within a resource group. This name can be used to access the resource | string |
| properties | SubnetPropertiesFormat |
SubnetPropertiesFormat
| Name | Description | Value |
|---|---|---|
| addressPrefix | Gets or sets Address prefix for the subnet. | string |
| networkSecurityGroup | Gets or sets the reference of the NetworkSecurityGroup resource | NetworkSecurityGroup |
| provisioningState | Gets provisioning state of the resource | string |
| resourceNavigationLinks | Gets array of references to the external resources using subnet | ResourceNavigationLink[] |
| routeTable | Gets or sets the reference of the RouteTable resource | RouteTable |
SubResource
| Name | Description | Value |
|---|---|---|
| id | Resource Id | string |
Usage Examples
Terraform Samples
A basic example of deploying Application Gateway.
terraform {
required_providers {
azapi = {
source = "Azure/azapi"
}
}
}
provider "azapi" {
skip_provider_registration = false
}
variable "resource_name" {
type = string
default = "acctest0001"
}
variable "___location" {
type = string
default = "westeurope"
}
resource "azapi_resource" "resourceGroup" {
type = "Microsoft.Resources/resourceGroups@2020-06-01"
name = var.resource_name
___location = var.___location
}
resource "azapi_resource" "publicIPAddress" {
type = "Microsoft.Network/publicIPAddresses@2022-07-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
___location = var.___location
body = {
properties = {
ddosSettings = {
protectionMode = "VirtualNetworkInherited"
}
idleTimeoutInMinutes = 4
publicIPAddressVersion = "IPv4"
publicIPAllocationMethod = "Static"
}
sku = {
name = "Standard"
tier = "Regional"
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}
resource "azapi_resource" "virtualNetwork" {
type = "Microsoft.Network/virtualNetworks@2022-07-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
___location = var.___location
body = {
properties = {
addressSpace = {
addressPrefixes = [
"10.0.0.0/16",
]
}
dhcpOptions = {
dnsServers = [
]
}
subnets = [
]
}
}
schema_validation_enabled = false
response_export_values = ["*"]
lifecycle {
ignore_changes = [body.properties.subnets]
}
}
resource "azapi_resource" "subnet" {
type = "Microsoft.Network/virtualNetworks/subnets@2022-07-01"
parent_id = azapi_resource.virtualNetwork.id
name = "subnet-230630033653837171"
body = {
properties = {
addressPrefix = "10.0.0.0/24"
delegations = [
]
privateEndpointNetworkPolicies = "Enabled"
privateLinkServiceNetworkPolicies = "Disabled"
serviceEndpointPolicies = [
]
serviceEndpoints = [
]
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}
data "azapi_resource_id" "applicationGateway" {
type = "Microsoft.Network/applicationGateways@2022-07-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
}
data "azapi_resource_id" "frontendIPConfiguration" {
type = "Microsoft.Network/applicationGateways/frontendIPConfigurations@2022-07-01"
parent_id = data.azapi_resource_id.applicationGateway.id
name = "${azapi_resource.virtualNetwork.name}-feip"
}
data "azapi_resource_id" "frontendPort" {
type = "Microsoft.Network/applicationGateways/frontendPorts@2022-07-01"
parent_id = data.azapi_resource_id.applicationGateway.id
name = "${azapi_resource.virtualNetwork.name}-feport"
}
data "azapi_resource_id" "backendAddressPool" {
type = "Microsoft.Network/applicationGateways/backendAddressPools@2022-07-01"
parent_id = data.azapi_resource_id.applicationGateway.id
name = "${azapi_resource.virtualNetwork.name}-beap"
}
data "azapi_resource_id" "backendHttpSettingsCollection" {
type = "Microsoft.Network/applicationGateways/backendHttpSettingsCollection@2022-07-01"
parent_id = data.azapi_resource_id.applicationGateway.id
name = "${azapi_resource.virtualNetwork.name}-be-htst"
}
data "azapi_resource_id" "httpListener" {
type = "Microsoft.Network/applicationGateways/httpListeners@2022-07-01"
parent_id = data.azapi_resource_id.applicationGateway.id
name = "${azapi_resource.virtualNetwork.name}-httplstn"
}
resource "azapi_resource" "applicationGateway" {
type = "Microsoft.Network/applicationGateways@2022-07-01"
parent_id = azapi_resource.resourceGroup.id
name = var.resource_name
___location = var.___location
body = {
properties = {
authenticationCertificates = [
]
backendAddressPools = [
{
name = data.azapi_resource_id.backendAddressPool.name
properties = {
backendAddresses = [
]
}
},
]
backendHttpSettingsCollection = [
{
name = data.azapi_resource_id.backendHttpSettingsCollection.name
properties = {
authenticationCertificates = [
]
cookieBasedAffinity = "Disabled"
path = ""
pickHostNameFromBackendAddress = false
port = 80
protocol = "Http"
requestTimeout = 1
trustedRootCertificates = [
]
}
},
]
customErrorConfigurations = [
]
enableHttp2 = false
frontendIPConfigurations = [
{
name = data.azapi_resource_id.frontendIPConfiguration.name
properties = {
privateIPAllocationMethod = "Dynamic"
publicIPAddress = {
id = azapi_resource.publicIPAddress.id
}
}
},
]
frontendPorts = [
{
name = data.azapi_resource_id.frontendPort.name
properties = {
port = 80
}
},
]
gatewayIPConfigurations = [
{
name = "my-gateway-ip-configuration"
properties = {
subnet = {
id = azapi_resource.subnet.id
}
}
},
]
httpListeners = [
{
name = data.azapi_resource_id.httpListener.name
properties = {
customErrorConfigurations = [
]
frontendIPConfiguration = {
id = data.azapi_resource_id.frontendIPConfiguration.id
}
frontendPort = {
id = data.azapi_resource_id.frontendPort.id
}
protocol = "Http"
requireServerNameIndication = false
}
},
]
privateLinkConfigurations = [
]
probes = [
]
redirectConfigurations = [
]
requestRoutingRules = [
{
name = "${azapi_resource.virtualNetwork.name}-rqrt"
properties = {
backendAddressPool = {
id = data.azapi_resource_id.backendAddressPool.id
}
backendHttpSettings = {
id = data.azapi_resource_id.backendHttpSettingsCollection.id
}
httpListener = {
id = data.azapi_resource_id.httpListener.id
}
ruleType = "Basic"
priority = 10
}
},
]
rewriteRuleSets = [
]
sku = {
capacity = 2
name = "Standard_v2"
tier = "Standard_v2"
}
sslCertificates = [
]
sslPolicy = {
}
sslProfiles = [
]
trustedClientCertificates = [
]
trustedRootCertificates = [
]
urlPathMaps = [
]
}
}
schema_validation_enabled = false
response_export_values = ["*"]
}
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| Application Gateway | AVM Resource Module for Application Gateway |