This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 7 - upload cert for SSL-enabled backend pool resources | |
$authcert = New-AzApplicationGatewayAuthenticationCertificate ` | |
-Name "whitelistcert" ` | |
-CertificateFile $gatewayCertCerPath |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 6 - create custom probes for API-M endpoints | |
$apimprobe = New-AzApplicationGatewayProbeConfig ` | |
-Name "apim-api-probe" ` | |
-Protocol "Https" ` | |
-HostName $gatewayHostname ` | |
-Path "/status-0123456789abcdef" ` | |
-Interval 30 ` | |
-Timeout 120 ` | |
-UnhealthyThreshold 8 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 5 - configure HTTP listeners for the App Gateway | |
$listener = New-AzApplicationGatewayHttpListener ` | |
-Name "apim-api-listener" ` | |
-Protocol "Https" ` | |
-FrontendIPConfiguration $fipconfig01 ` | |
-FrontendPort $fp01 ` | |
-SslCertificate $cert ` | |
-HostName $gatewayHostname ` | |
-RequireServerNameIndication true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 4 - configure certs for the App Gateway | |
$cert = New-AzApplicationGatewaySslCertificate ` | |
-Name "apim-gw-cert" ` | |
-CertificateFile $gatewayCertPfxPath ` | |
-Password $certPwd | |
$certPortal = New-AzApplicationGatewaySslCertificate ` | |
-Name "apim-portal-cert" ` | |
-CertificateFile $portalCertPfxPath ` | |
-Password $certPortalPwd |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 3 - configure the front-end IP with the public IP endpoint | |
$fipconfig01 = New-AzApplicationGatewayFrontendIPConfig ` | |
-Name "frontend1" ` | |
-PublicIPAddress $publicip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# step 2 - configure the front-end IP port for the public IP endpoint | |
$fp01 = New-AzApplicationGatewayFrontendPort ` | |
-Name "frontend-port443" ` | |
-Port 443 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create Application Gateway configuration | |
# step 1 - create App GW IP config | |
$gipconfig = New-AzApplicationGatewayIPConfiguration ` | |
-Name "gatewayIP" ` | |
-Subnet $appgatewaysubnetdata |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create a public IP address for the Application Gateway front-end | |
$publicip = New-AzPublicIpAddress ` | |
-ResourceGroupName $resGroupName ` | |
-name "aumanager-appgw-pip" ` | |
-location $location ` | |
-AllocationMethod Dynamic |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Specify cert configuration | |
$gatewayHostname = "api.americasuniversity.net" | |
$portalHostname = "portal.americasuniversity.net" | |
$gatewayCertCerPath = "C:\AmericasUniversity\certs\api\api.americasuniversity.net.cer" | |
$gatewayCertPfxPath = "C:\AmericasUniversity\certs\api\api.americasuniversity.net.pfx" | |
$portalCertPfxPath = "C:\AmericasUniversity\certs\portaldev\portal.americasuniversity.net.pfx" | |
$gatewayCertPfxPassword = "cert-api-password" | |
$portalCertPfxPassword = "cert-portal-password" | |
# Convert to secure string before send it over HTTP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create an API Management VNET object | |
$apimVirtualNetwork = New-AzApiManagementVirtualNetwork -SubnetResourceId $apimsubnetdata.Id | |
# Create an API-M service inside the VNET | |
$apimServiceName = "aumanager-apim" | |
$apimOrganization = "Americas University" | |
$apimAdminEmail = "{alias}@americasuniversity.net" | |
$apimService = New-AzApiManagement ` | |
-ResourceGroupName $resGroupName ` |