This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$pathmap = Get-AzApplicationGatewayUrlPathMapConfig ` | |
-ApplicationGateway $appgw ` | |
-Name "external-urlpathmapconfig" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$appgw = Add-AzApplicationGatewayUrlPathMapConfig ` | |
-ApplicationGateway $appgw ` | |
-Name "external-urlpathmapconfig" ` | |
-PathRules $pathRule ` | |
-DefaultBackendAddressPool $sinkpool ` | |
-DefaultBackendHttpSettings $poolSettings | |
$appgw = Set-AzApplicationGateway ` | |
-ApplicationGateway $appgw |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$pathRule = New-AzApplicationGatewayPathRuleConfig ` | |
-Name "external" ` | |
-Paths "/external/*" ` | |
-BackendAddressPool $pool ` | |
-BackendHttpSettings $poolSettings |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get existing Application Gateway config | |
$appgw = Get-AzApplicationGateway ` | |
-ResourceGroupName $resGroupName ` | |
-Name $appgwName | |
$listener = Get-AzApplicationGatewayHttpListener ` | |
-Name "apim-api-listener" ` | |
-ApplicationGateway $appgw | |
$sinkpool = Get-AzApplicationGatewayBackendAddressPool ` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 11 - change App Gateway SKU and instances (# instances can be configured as required) | |
$sku = New-AzApplicationGatewaySku -Name "WAF_Medium" -Tier "WAF" -Capacity 1 | |
# step 12 - configure WAF to be in prevention mode | |
$config = New-AzApplicationGatewayWebApplicationFirewallConfiguration ` | |
-Enabled $true ` | |
-FirewallMode "Detection" | |
# Deploy the App Gateway | |
$appgwName = "aumanager-apim-app-gw" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 10 - create a routing rule to allow external Internet access to the developer portal | |
$rule01 = New-AzApplicationGatewayRequestRoutingRule ` | |
-Name "apim-portal-rule" ` | |
-RuleType Basic ` | |
-HttpListener $portalListener ` | |
-BackendAddressPool $apimProxyBackendPool ` | |
-BackendHttpSettings $apimPoolPortalSetting |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 10 - create a routing rule to allow external Internet access to the developer portal | |
$rule01 = New-AzApplicationGatewayRequestRoutingRule ` | |
-Name "apim-portal-rule" ` | |
-RuleType Basic ` | |
-HttpListener $portalListener ` | |
-BackendAddressPool $apimProxyBackendPool ` | |
-BackendHttpSettings $apimPoolPortalSetting |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 9a - configure back-end IP address pool with internal IP of APIM | |
$apimProxyBackendPool = New-AzApplicationGatewayBackendAddressPool ` | |
-Name "apimbackend" ` | |
-BackendIPAddresses $apimService.PrivateIPAddresses[0] | |
# step 9b - create sinkpool for API-M requests we want to discard | |
$sinkpool = New-AzApplicationGatewayBackendAddressPool -Name "sinkpool" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 9a - configure back-end IP address pool with internal IP of APIM | |
$apimProxyBackendPool = New-AzApplicationGatewayBackendAddressPool ` | |
-Name "apimbackend" ` | |
-BackendIPAddresses $apimService.PrivateIPAddresses[0] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 8 - configure HTTPs backend settings for the App Gateway | |
$apimPoolSetting = New-AzApplicationGatewayBackendHttpSettings ` | |
-Name "apim-api-poolsetting" ` | |
-Port 443 ` | |
-Protocol "Https" ` | |
-CookieBasedAffinity "Disabled" ` | |
-Probe $apimprobe ` | |
-AuthenticationCertificates $authcert ` | |
-RequestTimeout 180 |