{ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "existingVirtualNetworkName": { "type": "string", "defaultValue": "production-vnet", "metadata": { "description": "Name of an existing Virtual Network" } }, "subnetName": { "type": "string", "defaultValue": "AppGatewaySubnet", "metadata": { "description": "Name of the App Gateway subnet in the Virtual Network you want to use" } }, "applicationGatewaySize": { "type": "string", "allowedValues": [ "WAF_Medium", "WAF_Large" ], "defaultValue": "WAF_Medium", "metadata": { "description": "application gateway size" } }, "capacity": { "type": "int", "allowedValues": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 ], "defaultValue": 2, "metadata": { "description": "Number of instances" } }, "BackendIPAddress1": { "type": "string", "defaultValue": "10.0.1.5", "metadata": { "description": "IP Address for Backend Server 1" } }, "WAFEnabled": { "type": "bool", "defaultValue": true, "metadata": { "description": "WAF Enabled" } }, "WAFMode": { "type": "string", "allowedValues": [ "Detection", "Prevention" ], "defaultValue": "Detection", "metadata": { "description": "WAF Mode" } }, "WAFRuleSetType": { "type": "string", "allowedValues": [ "OWASP" ], "defaultValue": "OWASP", "metadata": { "description": "WAF Rule Set Type" } }, "WAFRuleSetVersion": { "type": "string", "allowedValues": [ "2.2.9", "3.0" ], "defaultValue": "3.0", "metadata": { "description": "WAF Rule Set Version" } }, "location": { "type": "string", "defaultValue": "[resourceGroup().location]", "metadata": { "description": "Location for all resources." } } }, "variables": { "publicIPAddressName": "AppGWpip", "applicationGatewayName": "AppGWmtc", "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('existingVirtualNetworkName'), parameters('subnetName'))]", "publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", "applicationGatewayID": "[resourceId('Microsoft.Network/applicationGateways', variables('applicationGatewayName'))]" }, "resources": [ { "apiVersion": "2017-03-01", "type": "Microsoft.Network/publicIPAddresses", "name": "[variables('publicIPAddressName')]", "location": "[parameters('location')]", "properties": { "publicIPAllocationMethod": "Dynamic" } }, { "apiVersion": "2017-06-01", "name": "[variables('applicationGatewayName')]", "type": "Microsoft.Network/applicationGateways", "location": "[parameters('location')]", "properties": { "sku": { "name": "[parameters('applicationGatewaySize')]", "tier": "WAF", "capacity": "[parameters('capacity')]" }, "gatewayIPConfigurations": [ { "name": "appGatewayIpConfig", "properties": { "subnet": { "id": "[variables('subnetRef')]" } } } ], "frontendIPConfigurations": [ { "name": "appGatewayFrontendIP", "properties": { "PublicIPAddress": { "id": "[variables('publicIPRef')]" } } } ], "frontendPorts": [ { "name": "appGatewayFrontendPort", "properties": { "Port": 80 } } ], "backendAddressPools": [ { "name": "appGatewayBackendPool", "properties": { "BackendAddresses": [ { "IpAddress": "[parameters('BackendIPAddress1')]" } ] } } ], "backendHttpSettingsCollection": [ { "name": "appGatewayBackendHttpSettings", "properties": { "Port": 80, "Protocol": "Http", "CookieBasedAffinity": "Disabled" } } ], "httpListeners": [ { "name": "appGatewayHttpListener", "properties": { "FrontendIPConfiguration": { "Id": "[concat(variables('applicationGatewayID'), '/frontendIPConfigurations/appGatewayFrontendIP')]" }, "FrontendPort": { "Id": "[concat(variables('applicationGatewayID'), '/frontendPorts/appGatewayFrontendPort')]" }, "Protocol": "Http", "SslCertificate": null } } ], "requestRoutingRules": [ { "Name": "rule1", "properties": { "RuleType": "Basic", "httpListener": { "id": "[concat(variables('applicationGatewayID'), '/httpListeners/appGatewayHttpListener')]" }, "backendAddressPool": { "id": "[concat(variables('applicationGatewayID'), '/backendAddressPools/appGatewayBackendPool')]" }, "backendHttpSettings": { "id": "[concat(variables('applicationGatewayID'), '/backendHttpSettingsCollection/appGatewayBackendHttpSettings')]" } } } ], "webApplicationFirewallConfiguration": { "enabled": "[parameters('WAFEnabled')]", "firewallMode": "[parameters('WAFMode')]", "ruleSetType": "[parameters('WAFRuleSetType')]", "ruleSetVersion": "[parameters('WAFRuleSetVersion')]", "disabledRuleGroups": [] } }, "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]" ] } ] }