Application
data class ApplicationGatewayArgs(val applicationGatewayName: Output<String>? = null, val authenticationCertificates: Output<List<ApplicationGatewayAuthenticationCertificateArgs>>? = null, val autoscaleConfiguration: Output<ApplicationGatewayAutoscaleConfigurationArgs>? = null, val backendAddressPools: Output<List<ApplicationGatewayBackendAddressPoolArgs>>? = null, val backendHttpSettingsCollection: Output<List<ApplicationGatewayBackendHttpSettingsArgs>>? = null, val customErrorConfigurations: Output<List<ApplicationGatewayCustomErrorArgs>>? = null, val enableFips: Output<Boolean>? = null, val enableHttp2: Output<Boolean>? = null, val firewallPolicy: Output<SubResourceArgs>? = null, val forceFirewallPolicyAssociation: Output<Boolean>? = null, val frontendIPConfigurations: Output<List<ApplicationGatewayFrontendIPConfigurationArgs>>? = null, val frontendPorts: Output<List<ApplicationGatewayFrontendPortArgs>>? = null, val gatewayIPConfigurations: Output<List<ApplicationGatewayIPConfigurationArgs>>? = null, val httpListeners: Output<List<ApplicationGatewayHttpListenerArgs>>? = null, val id: Output<String>? = null, val identity: Output<ManagedServiceIdentityArgs>? = null, val location: Output<String>? = null, val privateLinkConfigurations: Output<List<ApplicationGatewayPrivateLinkConfigurationArgs>>? = null, val probes: Output<List<ApplicationGatewayProbeArgs>>? = null, val redirectConfigurations: Output<List<ApplicationGatewayRedirectConfigurationArgs>>? = null, val requestRoutingRules: Output<List<ApplicationGatewayRequestRoutingRuleArgs>>? = null, val resourceGroupName: Output<String>? = null, val rewriteRuleSets: Output<List<ApplicationGatewayRewriteRuleSetArgs>>? = null, val sku: Output<ApplicationGatewaySkuArgs>? = null, val sslCertificates: Output<List<ApplicationGatewaySslCertificateArgs>>? = null, val sslPolicy: Output<ApplicationGatewaySslPolicyArgs>? = null, val sslProfiles: Output<List<ApplicationGatewaySslProfileArgs>>? = null, val tags: Output<Map<String, String>>? = null, val trustedClientCertificates: Output<List<ApplicationGatewayTrustedClientCertificateArgs>>? = null, val trustedRootCertificates: Output<List<ApplicationGatewayTrustedRootCertificateArgs>>? = null, val urlPathMaps: Output<List<ApplicationGatewayUrlPathMapArgs>>? = null, val webApplicationFirewallConfiguration: Output<ApplicationGatewayWebApplicationFirewallConfigurationArgs>? = null, val zones: Output<List<String>>? = null) : ConvertibleToJava<ApplicationGatewayArgs>
Application gateway resource. API Version: 2020-11-01.
Example Usage
Create Application Gateway
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var applicationGateway = new AzureNative.Network.ApplicationGateway("applicationGateway", new()
{
ApplicationGatewayName = "appgw",
BackendAddressPools = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayBackendAddressPoolArgs
{
BackendAddresses = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayBackendAddressArgs
{
IpAddress = "10.0.1.1",
},
new AzureNative.Network.Inputs.ApplicationGatewayBackendAddressArgs
{
IpAddress = "10.0.1.2",
},
},
Name = "appgwpool",
},
},
BackendHttpSettingsCollection = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayBackendHttpSettingsArgs
{
CookieBasedAffinity = "Disabled",
Name = "appgwbhs",
Port = 80,
Protocol = "Http",
RequestTimeout = 30,
},
},
FrontendIPConfigurations = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayFrontendIPConfigurationArgs
{
Name = "appgwfip",
PublicIPAddress = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/appgwpip",
},
},
},
FrontendPorts = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayFrontendPortArgs
{
Name = "appgwfp",
Port = 443,
},
new AzureNative.Network.Inputs.ApplicationGatewayFrontendPortArgs
{
Name = "appgwfp80",
Port = 80,
},
},
GatewayIPConfigurations = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayIPConfigurationArgs
{
Name = "appgwipc",
Subnet = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet/subnets/appgwsubnet",
},
},
},
HttpListeners = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayHttpListenerArgs
{
FrontendIPConfiguration = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip",
},
FrontendPort = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp",
},
Name = "appgwhl",
Protocol = "Https",
RequireServerNameIndication = false,
SslCertificate = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslCertificates/sslcert",
},
SslProfile = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslProfiles/sslProfile1",
},
},
new AzureNative.Network.Inputs.ApplicationGatewayHttpListenerArgs
{
FrontendIPConfiguration = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip",
},
FrontendPort = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp80",
},
Name = "appgwhttplistener",
Protocol = "Http",
},
},
Identity = new AzureNative.Network.Inputs.ManagedServiceIdentityArgs
{
Type = AzureNative.Network.ResourceIdentityType.UserAssigned,
UserAssignedIdentities =
{
{ "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1", null },
},
},
Location = "eastus",
RequestRoutingRules = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayRequestRoutingRuleArgs
{
BackendAddressPool = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool",
},
BackendHttpSettings = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs",
},
HttpListener = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhl",
},
Name = "appgwrule",
Priority = 10,
RewriteRuleSet = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1",
},
RuleType = "Basic",
},
new AzureNative.Network.Inputs.ApplicationGatewayRequestRoutingRuleArgs
{
HttpListener = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhttplistener",
},
Name = "appgwPathBasedRule",
Priority = 20,
RuleType = "PathBasedRouting",
UrlPathMap = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/urlPathMaps/pathMap1",
},
},
},
ResourceGroupName = "rg1",
RewriteRuleSets = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayRewriteRuleSetArgs
{
Name = "rewriteRuleSet1",
RewriteRules = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayRewriteRuleArgs
{
ActionSet = new AzureNative.Network.Inputs.ApplicationGatewayRewriteRuleActionSetArgs
{
RequestHeaderConfigurations = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayHeaderConfigurationArgs
{
HeaderName = "X-Forwarded-For",
HeaderValue = "{var_add_x_forwarded_for_proxy}",
},
},
ResponseHeaderConfigurations = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayHeaderConfigurationArgs
{
HeaderName = "Strict-Transport-Security",
HeaderValue = "max-age=31536000",
},
},
UrlConfiguration = new AzureNative.Network.Inputs.ApplicationGatewayUrlConfigurationArgs
{
ModifiedPath = "/abc",
},
},
Conditions = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayRewriteRuleConditionArgs
{
IgnoreCase = true,
Negate = false,
Pattern = "^Bearer",
Variable = "http_req_Authorization",
},
},
Name = "Set X-Forwarded-For",
RuleSequence = 102,
},
},
},
},
Sku = new AzureNative.Network.Inputs.ApplicationGatewaySkuArgs
{
Capacity = 3,
Name = "Standard_v2",
Tier = "Standard_v2",
},
SslCertificates = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewaySslCertificateArgs
{
Data = "****",
Name = "sslcert",
Password = "****",
},
new AzureNative.Network.Inputs.ApplicationGatewaySslCertificateArgs
{
KeyVaultSecretId = "https://kv/secret",
Name = "sslcert2",
},
},
SslProfiles = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewaySslProfileArgs
{
ClientAuthConfiguration = new AzureNative.Network.Inputs.ApplicationGatewayClientAuthConfigurationArgs
{
VerifyClientCertIssuerDN = true,
},
Name = "sslProfile1",
SslPolicy = new AzureNative.Network.Inputs.ApplicationGatewaySslPolicyArgs
{
CipherSuites = new[]
{
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
},
MinProtocolVersion = "TLSv1_1",
PolicyType = "Custom",
},
TrustedClientCertificates = new[]
{
new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/trustedClientCertificates/clientcert",
},
},
},
},
TrustedClientCertificates = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayTrustedClientCertificateArgs
{
Data = "****",
Name = "clientcert",
},
},
TrustedRootCertificates = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayTrustedRootCertificateArgs
{
Data = "****",
Name = "rootcert",
},
new AzureNative.Network.Inputs.ApplicationGatewayTrustedRootCertificateArgs
{
KeyVaultSecretId = "https://kv/secret",
Name = "rootcert1",
},
},
UrlPathMaps = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayUrlPathMapArgs
{
DefaultBackendAddressPool = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool",
},
DefaultBackendHttpSettings = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs",
},
DefaultRewriteRuleSet = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1",
},
Name = "pathMap1",
PathRules = new[]
{
new AzureNative.Network.Inputs.ApplicationGatewayPathRuleArgs
{
BackendAddressPool = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool",
},
BackendHttpSettings = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs",
},
Name = "apiPaths",
Paths = new[]
{
"/api",
"/v1/api",
},
RewriteRuleSet = new AzureNative.Network.Inputs.SubResourceArgs
{
Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1",
},
},
},
},
},
});
});Content copied to clipboard
package main
import (
network "github.com/pulumi/pulumi-azure-native-sdk/network"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := network.NewApplicationGateway(ctx, "applicationGateway", &network.ApplicationGatewayArgs{
ApplicationGatewayName: pulumi.String("appgw"),
BackendAddressPools: []network.ApplicationGatewayBackendAddressPoolArgs{
{
BackendAddresses: network.ApplicationGatewayBackendAddressArray{
{
IpAddress: pulumi.String("10.0.1.1"),
},
{
IpAddress: pulumi.String("10.0.1.2"),
},
},
Name: pulumi.String("appgwpool"),
},
},
BackendHttpSettingsCollection: []network.ApplicationGatewayBackendHttpSettingsArgs{
{
CookieBasedAffinity: pulumi.String("Disabled"),
Name: pulumi.String("appgwbhs"),
Port: pulumi.Int(80),
Protocol: pulumi.String("Http"),
RequestTimeout: pulumi.Int(30),
},
},
FrontendIPConfigurations: []network.ApplicationGatewayFrontendIPConfigurationArgs{
{
Name: pulumi.String("appgwfip"),
PublicIPAddress: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/appgwpip"),
},
},
},
FrontendPorts: []network.ApplicationGatewayFrontendPortArgs{
{
Name: pulumi.String("appgwfp"),
Port: pulumi.Int(443),
},
{
Name: pulumi.String("appgwfp80"),
Port: pulumi.Int(80),
},
},
GatewayIPConfigurations: []network.ApplicationGatewayIPConfigurationArgs{
{
Name: pulumi.String("appgwipc"),
Subnet: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet/subnets/appgwsubnet"),
},
},
},
HttpListeners: []network.ApplicationGatewayHttpListenerArgs{
{
FrontendIPConfiguration: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip"),
},
FrontendPort: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp"),
},
Name: pulumi.String("appgwhl"),
Protocol: pulumi.String("Https"),
RequireServerNameIndication: pulumi.Bool(false),
SslCertificate: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslCertificates/sslcert"),
},
SslProfile: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslProfiles/sslProfile1"),
},
},
{
FrontendIPConfiguration: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip"),
},
FrontendPort: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp80"),
},
Name: pulumi.String("appgwhttplistener"),
Protocol: pulumi.String("Http"),
},
},
Identity: &network.ManagedServiceIdentityArgs{
Type: network.ResourceIdentityTypeUserAssigned,
UserAssignedIdentities: pulumi.AnyMap{
"/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1": nil,
},
},
Location: pulumi.String("eastus"),
RequestRoutingRules: []network.ApplicationGatewayRequestRoutingRuleArgs{
{
BackendAddressPool: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool"),
},
BackendHttpSettings: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs"),
},
HttpListener: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhl"),
},
Name: pulumi.String("appgwrule"),
Priority: pulumi.Int(10),
RewriteRuleSet: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1"),
},
RuleType: pulumi.String("Basic"),
},
{
HttpListener: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhttplistener"),
},
Name: pulumi.String("appgwPathBasedRule"),
Priority: pulumi.Int(20),
RuleType: pulumi.String("PathBasedRouting"),
UrlPathMap: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/urlPathMaps/pathMap1"),
},
},
},
ResourceGroupName: pulumi.String("rg1"),
RewriteRuleSets: []network.ApplicationGatewayRewriteRuleSetArgs{
{
Name: pulumi.String("rewriteRuleSet1"),
RewriteRules: network.ApplicationGatewayRewriteRuleArray{
{
ActionSet: {
RequestHeaderConfigurations: network.ApplicationGatewayHeaderConfigurationArray{
{
HeaderName: pulumi.String("X-Forwarded-For"),
HeaderValue: pulumi.String("{var_add_x_forwarded_for_proxy}"),
},
},
ResponseHeaderConfigurations: network.ApplicationGatewayHeaderConfigurationArray{
{
HeaderName: pulumi.String("Strict-Transport-Security"),
HeaderValue: pulumi.String("max-age=31536000"),
},
},
UrlConfiguration: {
ModifiedPath: pulumi.String("/abc"),
},
},
Conditions: network.ApplicationGatewayRewriteRuleConditionArray{
{
IgnoreCase: pulumi.Bool(true),
Negate: pulumi.Bool(false),
Pattern: pulumi.String("^Bearer"),
Variable: pulumi.String("http_req_Authorization"),
},
},
Name: pulumi.String("Set X-Forwarded-For"),
RuleSequence: pulumi.Int(102),
},
},
},
},
Sku: &network.ApplicationGatewaySkuArgs{
Capacity: pulumi.Int(3),
Name: pulumi.String("Standard_v2"),
Tier: pulumi.String("Standard_v2"),
},
SslCertificates: []network.ApplicationGatewaySslCertificateArgs{
{
Data: pulumi.String("****"),
Name: pulumi.String("sslcert"),
Password: pulumi.String("****"),
},
{
KeyVaultSecretId: pulumi.String("https://kv/secret"),
Name: pulumi.String("sslcert2"),
},
},
SslProfiles: []network.ApplicationGatewaySslProfileArgs{
{
ClientAuthConfiguration: {
VerifyClientCertIssuerDN: pulumi.Bool(true),
},
Name: pulumi.String("sslProfile1"),
SslPolicy: {
CipherSuites: pulumi.StringArray{
pulumi.String("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"),
},
MinProtocolVersion: pulumi.String("TLSv1_1"),
PolicyType: pulumi.String("Custom"),
},
TrustedClientCertificates: network.SubResourceArray{
{
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/trustedClientCertificates/clientcert"),
},
},
},
},
TrustedClientCertificates: []network.ApplicationGatewayTrustedClientCertificateArgs{
{
Data: pulumi.String("****"),
Name: pulumi.String("clientcert"),
},
},
TrustedRootCertificates: []network.ApplicationGatewayTrustedRootCertificateArgs{
{
Data: pulumi.String("****"),
Name: pulumi.String("rootcert"),
},
{
KeyVaultSecretId: pulumi.String("https://kv/secret"),
Name: pulumi.String("rootcert1"),
},
},
UrlPathMaps: []network.ApplicationGatewayUrlPathMapArgs{
{
DefaultBackendAddressPool: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool"),
},
DefaultBackendHttpSettings: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs"),
},
DefaultRewriteRuleSet: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1"),
},
Name: pulumi.String("pathMap1"),
PathRules: network.ApplicationGatewayPathRuleArray{
{
BackendAddressPool: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool"),
},
BackendHttpSettings: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs"),
},
Name: pulumi.String("apiPaths"),
Paths: pulumi.StringArray{
pulumi.String("/api"),
pulumi.String("/v1/api"),
},
RewriteRuleSet: {
Id: pulumi.String("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1"),
},
},
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.network.ApplicationGateway;
import com.pulumi.azurenative.network.ApplicationGatewayArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var applicationGateway = new ApplicationGateway("applicationGateway", ApplicationGatewayArgs.builder()
.applicationGatewayName("appgw")
.backendAddressPools(Map.ofEntries(
Map.entry("backendAddresses",
Map.of("ipAddress", "10.0.1.1"),
Map.of("ipAddress", "10.0.1.2")),
Map.entry("name", "appgwpool")
))
.backendHttpSettingsCollection(Map.ofEntries(
Map.entry("cookieBasedAffinity", "Disabled"),
Map.entry("name", "appgwbhs"),
Map.entry("port", 80),
Map.entry("protocol", "Http"),
Map.entry("requestTimeout", 30)
))
.frontendIPConfigurations(Map.ofEntries(
Map.entry("name", "appgwfip"),
Map.entry("publicIPAddress", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/publicIPAddresses/appgwpip"))
))
.frontendPorts(
Map.ofEntries(
Map.entry("name", "appgwfp"),
Map.entry("port", 443)
),
Map.ofEntries(
Map.entry("name", "appgwfp80"),
Map.entry("port", 80)
))
.gatewayIPConfigurations(Map.ofEntries(
Map.entry("name", "appgwipc"),
Map.entry("subnet", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/vnet/subnets/appgwsubnet"))
))
.httpListeners(
Map.ofEntries(
Map.entry("frontendIPConfiguration", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip")),
Map.entry("frontendPort", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp")),
Map.entry("name", "appgwhl"),
Map.entry("protocol", "Https"),
Map.entry("requireServerNameIndication", false),
Map.entry("sslCertificate", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslCertificates/sslcert")),
Map.entry("sslProfile", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/sslProfiles/sslProfile1"))
),
Map.ofEntries(
Map.entry("frontendIPConfiguration", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendIPConfigurations/appgwfip")),
Map.entry("frontendPort", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/frontendPorts/appgwfp80")),
Map.entry("name", "appgwhttplistener"),
Map.entry("protocol", "Http")
))
.identity(Map.ofEntries(
Map.entry("type", "UserAssigned"),
Map.entry("userAssignedIdentities", Map.of("/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identity1", ))
))
.location("eastus")
.requestRoutingRules(
Map.ofEntries(
Map.entry("backendAddressPool", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool")),
Map.entry("backendHttpSettings", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs")),
Map.entry("httpListener", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhl")),
Map.entry("name", "appgwrule"),
Map.entry("priority", 10),
Map.entry("rewriteRuleSet", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1")),
Map.entry("ruleType", "Basic")
),
Map.ofEntries(
Map.entry("httpListener", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/httpListeners/appgwhttplistener")),
Map.entry("name", "appgwPathBasedRule"),
Map.entry("priority", 20),
Map.entry("ruleType", "PathBasedRouting"),
Map.entry("urlPathMap", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/urlPathMaps/pathMap1"))
))
.resourceGroupName("rg1")
.rewriteRuleSets(Map.ofEntries(
Map.entry("name", "rewriteRuleSet1"),
Map.entry("rewriteRules", Map.ofEntries(
Map.entry("actionSet", Map.ofEntries(
Map.entry("requestHeaderConfigurations", Map.ofEntries(
Map.entry("headerName", "X-Forwarded-For"),
Map.entry("headerValue", "{var_add_x_forwarded_for_proxy}")
)),
Map.entry("responseHeaderConfigurations", Map.ofEntries(
Map.entry("headerName", "Strict-Transport-Security"),
Map.entry("headerValue", "max-age=31536000")
)),
Map.entry("urlConfiguration", Map.of("modifiedPath", "/abc"))
)),
Map.entry("conditions", Map.ofEntries(
Map.entry("ignoreCase", true),
Map.entry("negate", false),
Map.entry("pattern", "^Bearer"),
Map.entry("variable", "http_req_Authorization")
)),
Map.entry("name", "Set X-Forwarded-For"),
Map.entry("ruleSequence", 102)
))
))
.sku(Map.ofEntries(
Map.entry("capacity", 3),
Map.entry("name", "Standard_v2"),
Map.entry("tier", "Standard_v2")
))
.sslCertificates(
Map.ofEntries(
Map.entry("data", "****"),
Map.entry("name", "sslcert"),
Map.entry("password", "****")
),
Map.ofEntries(
Map.entry("keyVaultSecretId", "https://kv/secret"),
Map.entry("name", "sslcert2")
))
.sslProfiles(Map.ofEntries(
Map.entry("clientAuthConfiguration", Map.of("verifyClientCertIssuerDN", true)),
Map.entry("name", "sslProfile1"),
Map.entry("sslPolicy", Map.ofEntries(
Map.entry("cipherSuites", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"),
Map.entry("minProtocolVersion", "TLSv1_1"),
Map.entry("policyType", "Custom")
)),
Map.entry("trustedClientCertificates", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/trustedClientCertificates/clientcert"))
))
.trustedClientCertificates(Map.ofEntries(
Map.entry("data", "****"),
Map.entry("name", "clientcert")
))
.trustedRootCertificates(
Map.ofEntries(
Map.entry("data", "****"),
Map.entry("name", "rootcert")
),
Map.ofEntries(
Map.entry("keyVaultSecretId", "https://kv/secret"),
Map.entry("name", "rootcert1")
))
.urlPathMaps(Map.ofEntries(
Map.entry("defaultBackendAddressPool", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool")),
Map.entry("defaultBackendHttpSettings", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs")),
Map.entry("defaultRewriteRuleSet", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1")),
Map.entry("name", "pathMap1"),
Map.entry("pathRules", Map.ofEntries(
Map.entry("backendAddressPool", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendAddressPools/appgwpool")),
Map.entry("backendHttpSettings", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/backendHttpSettingsCollection/appgwbhs")),
Map.entry("name", "apiPaths"),
Map.entry("paths",
"/api",
"/v1/api"),
Map.entry("rewriteRuleSet", Map.of("id", "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgw/rewriteRuleSets/rewriteRuleSet1"))
))
))
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:network:ApplicationGateway appgw /subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/applicationGateways/appgwContent copied to clipboard
Constructors
Link copied to clipboard
constructor(applicationGatewayName: Output<String>? = null, authenticationCertificates: Output<List<ApplicationGatewayAuthenticationCertificateArgs>>? = null, autoscaleConfiguration: Output<ApplicationGatewayAutoscaleConfigurationArgs>? = null, backendAddressPools: Output<List<ApplicationGatewayBackendAddressPoolArgs>>? = null, backendHttpSettingsCollection: Output<List<ApplicationGatewayBackendHttpSettingsArgs>>? = null, customErrorConfigurations: Output<List<ApplicationGatewayCustomErrorArgs>>? = null, enableFips: Output<Boolean>? = null, enableHttp2: Output<Boolean>? = null, firewallPolicy: Output<SubResourceArgs>? = null, forceFirewallPolicyAssociation: Output<Boolean>? = null, frontendIPConfigurations: Output<List<ApplicationGatewayFrontendIPConfigurationArgs>>? = null, frontendPorts: Output<List<ApplicationGatewayFrontendPortArgs>>? = null, gatewayIPConfigurations: Output<List<ApplicationGatewayIPConfigurationArgs>>? = null, httpListeners: Output<List<ApplicationGatewayHttpListenerArgs>>? = null, id: Output<String>? = null, identity: Output<ManagedServiceIdentityArgs>? = null, location: Output<String>? = null, privateLinkConfigurations: Output<List<ApplicationGatewayPrivateLinkConfigurationArgs>>? = null, probes: Output<List<ApplicationGatewayProbeArgs>>? = null, redirectConfigurations: Output<List<ApplicationGatewayRedirectConfigurationArgs>>? = null, requestRoutingRules: Output<List<ApplicationGatewayRequestRoutingRuleArgs>>? = null, resourceGroupName: Output<String>? = null, rewriteRuleSets: Output<List<ApplicationGatewayRewriteRuleSetArgs>>? = null, sku: Output<ApplicationGatewaySkuArgs>? = null, sslCertificates: Output<List<ApplicationGatewaySslCertificateArgs>>? = null, sslPolicy: Output<ApplicationGatewaySslPolicyArgs>? = null, sslProfiles: Output<List<ApplicationGatewaySslProfileArgs>>? = null, tags: Output<Map<String, String>>? = null, trustedClientCertificates: Output<List<ApplicationGatewayTrustedClientCertificateArgs>>? = null, trustedRootCertificates: Output<List<ApplicationGatewayTrustedRootCertificateArgs>>? = null, urlPathMaps: Output<List<ApplicationGatewayUrlPathMapArgs>>? = null, webApplicationFirewallConfiguration: Output<ApplicationGatewayWebApplicationFirewallConfigurationArgs>? = null, zones: Output<List<String>>? = null)
Properties
Link copied to clipboard
The name of the application gateway.
Link copied to clipboard
val authenticationCertificates: Output<List<ApplicationGatewayAuthenticationCertificateArgs>>? = null
Authentication certificates of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Autoscale Configuration.
Link copied to clipboard
Backend address pool of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Backend http settings of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Custom error configurations of the application gateway resource.
Link copied to clipboard
Whether FIPS is enabled on the application gateway resource.
Link copied to clipboard
Whether HTTP2 is enabled on the application gateway resource.
Link copied to clipboard
Reference to the FirewallPolicy resource.
Link copied to clipboard
If true, associates a firewall policy with an application gateway regardless whether the policy differs from the WAF Config.
Link copied to clipboard
Frontend IP addresses of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Frontend ports of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Subnets of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Http listeners of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
The identity of the application gateway, if configured.
Link copied to clipboard
PrivateLink configurations on application gateway.
Link copied to clipboard
Probes of the application gateway resource.
Link copied to clipboard
Redirect configurations of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Request routing rules of the application gateway resource.
Link copied to clipboard
The name of the resource group.
Link copied to clipboard
Rewrite rules for the application gateway resource.
Link copied to clipboard
SKU of the application gateway resource.
Link copied to clipboard
SSL certificates of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
SSL policy of the application gateway resource.
Link copied to clipboard
SSL profiles of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Trusted client certificates of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
Trusted Root certificates of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
URL path map of the application gateway resource. For default limits, see Application Gateway limits.
Link copied to clipboard
val webApplicationFirewallConfiguration: Output<ApplicationGatewayWebApplicationFirewallConfigurationArgs>? = null
Web application firewall configuration.