Skip to content

Instantly share code, notes, and snippets.

Avatar

Fabrício Sanchez fabriciosanchez

View GitHub Profile
@fabriciosanchez
fabriciosanchez / ag-requesting-routing-rule.ps1
Created Apr 10, 2020
Creates a rule that allows external users access developers portal from the outside.
View ag-requesting-routing-rule.ps1
# step 10 - create a routing rule to allow external Internet access to the developer portal
$rule01 = New-AzApplicationGatewayRequestRoutingRule `
-Name "apim-portal-rule" `
-RuleType Basic `
-HttpListener $portalListener `
-BackendAddressPool $apimProxyBackendPool `
-BackendHttpSettings $apimPoolPortalSetting
@fabriciosanchez
fabriciosanchez / ag-backend-pool-no-target.ps1
Last active Apr 10, 2020
Creating AG's backend pool with no target.
View ag-backend-pool-no-target.ps1
# step 9a - configure back-end IP address pool with internal IP of APIM
$apimProxyBackendPool = New-AzApplicationGatewayBackendAddressPool `
-Name "apimbackend" `
-BackendIPAddresses $apimService.PrivateIPAddresses[0]
# step 9b - create sinkpool for API-M requests we want to discard
$sinkpool = New-AzApplicationGatewayBackendAddressPool -Name "sinkpool"
@fabriciosanchez
fabriciosanchez / ag-backend-pool-apim-internal-ip.ps1
Created Apr 10, 2020
Configure AG's backend pool that refers to API's calls to hit APIM's internal IP.
View ag-backend-pool-apim-internal-ip.ps1
# step 9a - configure back-end IP address pool with internal IP of APIM
$apimProxyBackendPool = New-AzApplicationGatewayBackendAddressPool `
-Name "apimbackend" `
-BackendIPAddresses $apimService.PrivateIPAddresses[0]
@fabriciosanchez
fabriciosanchez / ag-backend-pools.ps1
Created Apr 10, 2020
Deploys two different backend pools.
View ag-backend-pools.ps1
# step 8 - configure HTTPs backend settings for the App Gateway
$apimPoolSetting = New-AzApplicationGatewayBackendHttpSettings `
-Name "apim-api-poolsetting" `
-Port 443 `
-Protocol "Https" `
-CookieBasedAffinity "Disabled" `
-Probe $apimprobe `
-AuthenticationCertificates $authcert `
-RequestTimeout 180
@fabriciosanchez
fabriciosanchez / ag-whitelist-bep.ps1
Created Apr 10, 2020
Creates a whitelist certification for backend pools.
View ag-whitelist-bep.ps1
# step 7 - upload cert for SSL-enabled backend pool resources
$authcert = New-AzApplicationGatewayAuthenticationCertificate `
-Name "whitelistcert" `
-CertificateFile $gatewayCertCerPath
@fabriciosanchez
fabriciosanchez / ag-probes.ps1
Created Apr 10, 2020
Creating AG's probes.
View ag-probes.ps1
# step 6 - create custom probes for API-M endpoints
$apimprobe = New-AzApplicationGatewayProbeConfig `
-Name "apim-api-probe" `
-Protocol "Https" `
-HostName $gatewayHostname `
-Path "/status-0123456789abcdef" `
-Interval 30 `
-Timeout 120 `
-UnhealthyThreshold 8
@fabriciosanchez
fabriciosanchez / ag-listeners.ps1
Created Apr 10, 2020
Creates listeners under the AG.
View ag-listeners.ps1
# step 5 - configure HTTP listeners for the App Gateway
$listener = New-AzApplicationGatewayHttpListener `
-Name "apim-api-listener" `
-Protocol "Https" `
-FrontendIPConfiguration $fipconfig01 `
-FrontendPort $fp01 `
-SslCertificate $cert `
-HostName $gatewayHostname `
-RequireServerNameIndication true
@fabriciosanchez
fabriciosanchez / ag-certificates-configuration.ps1
Created Apr 10, 2020
Creating certificate configuration for AG.
View ag-certificates-configuration.ps1
# step 4 - configure certs for the App Gateway
$cert = New-AzApplicationGatewaySslCertificate `
-Name "apim-gw-cert" `
-CertificateFile $gatewayCertPfxPath `
-Password $certPwd
$certPortal = New-AzApplicationGatewaySslCertificate `
-Name "apim-portal-cert" `
-CertificateFile $portalCertPfxPath `
-Password $certPortalPwd
@fabriciosanchez
fabriciosanchez / ag-frontend-ip-configuration.ps1
Created Apr 10, 2020
Creates a frontend IP configuration.
View ag-frontend-ip-configuration.ps1
# step 3 - configure the front-end IP with the public IP endpoint
$fipconfig01 = New-AzApplicationGatewayFrontendIPConfig `
-Name "frontend1" `
-PublicIPAddress $publicip
View ag-frontend-port.ps1
# step 2 - configure the front-end IP port for the public IP endpoint
$fp01 = New-AzApplicationGatewayFrontendPort `
-Name "frontend-port443" `
-Port 443