Azure Network Application Gateway
This page shows how to write Terraform and Azure Resource Manager for Network Application Gateway and write them securely.
azurerm_application_gateway (Terraform)
The Application Gateway in Network can be configured in Terraform with the resource name azurerm_application_gateway. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "azurerm_application_gateway" "positive1" {
name = "example-appgateway"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
waf_configuration {
resource "azurerm_application_gateway" "positive1" {
name = "example-appgateway"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
waf_configuration {
resource "azurerm_application_gateway" "appgateway" {
name = local.appgateway
resource_group_name = azurerm_resource_group.spoke.name
location = azurerm_resource_group.spoke.location
sku {
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "example-resourceGroup"
location = "example --West-US"
sku {
resource "azurerm_application_gateway" "app-gateway" {
name = "appgateway"
resource_group_name = azurerm_resource_group.demo.name
location = var.location
sku {
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "example-resourceGroup"
location = "example --West-US"
sku {
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "example-resourceGroup"
location = "example --West-US"
sku {
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "example-resourceGroup"
location = "example --West-US"
sku {
resource "azurerm_application_gateway" "negative1" {
name = "example-appgateway"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
waf_configuration {
resource "azurerm_application_gateway" "app-gateway" {
name = "appgateway"
resource_group_name = azurerm_resource_group.demo.name
location = var.location
sku {
Parameters
-
enable_http2optional - bool -
firewall_policy_idoptional - string -
idoptional computed - string -
locationrequired - string -
namerequired - string -
resource_group_namerequired - string -
tagsoptional - map from string to string -
zonesoptional - list of string -
authentication_certificatelist block -
autoscale_configurationlist block-
max_capacityoptional - number -
min_capacityrequired - number
-
-
backend_address_poollist block-
fqdnsoptional - list of string -
idoptional computed - string -
ip_addressesoptional - list of string -
namerequired - string
-
-
backend_http_settingslist block-
affinity_cookie_nameoptional - string -
cookie_based_affinityrequired - string -
host_nameoptional - string -
idoptional computed - string -
namerequired - string -
pathoptional - string -
pick_host_name_from_backend_addressoptional - bool -
portrequired - number -
probe_idoptional computed - string -
probe_nameoptional - string -
protocolrequired - string -
request_timeoutoptional - number -
trusted_root_certificate_namesoptional - list of string -
authentication_certificatelist block -
connection_draininglist block-
drain_timeout_secrequired - number -
enabledrequired - bool
-
-
-
custom_error_configurationlist block-
custom_error_page_urlrequired - string -
idoptional computed - string -
status_coderequired - string
-
-
frontend_ip_configurationlist block-
idoptional computed - string -
namerequired - string -
private_ip_addressoptional computed - string -
private_ip_address_allocationoptional computed - string -
public_ip_address_idoptional computed - string -
subnet_idoptional computed - string
-
-
frontend_portset block -
gateway_ip_configurationlist block -
http_listenerlist block-
firewall_policy_idoptional - string -
frontend_ip_configuration_idoptional computed - string -
frontend_ip_configuration_namerequired - string -
frontend_port_idoptional computed - string -
frontend_port_namerequired - string -
host_nameoptional - string -
host_namesoptional - set of string -
idoptional computed - string -
namerequired - string -
protocolrequired - string -
require_snioptional - bool -
ssl_certificate_idoptional computed - string -
ssl_certificate_nameoptional - string -
custom_error_configurationlist block-
custom_error_page_urlrequired - string -
idoptional computed - string -
status_coderequired - string
-
-
-
identitylist block-
identity_idsrequired - list of string -
typeoptional - string
-
-
probelist block-
hostoptional - string -
idoptional computed - string -
intervalrequired - number -
minimum_serversoptional - number -
namerequired - string -
pathrequired - string -
pick_host_name_from_backend_http_settingsoptional - bool -
portoptional - number -
protocolrequired - string -
timeoutrequired - number -
unhealthy_thresholdrequired - number -
matchlist block-
bodyoptional - string -
status_codeoptional - list of string
-
-
-
redirect_configurationset block-
idoptional computed - string -
include_pathoptional - bool -
include_query_stringoptional - bool -
namerequired - string -
redirect_typerequired - string -
target_listener_idoptional computed - string -
target_listener_nameoptional - string -
target_urloptional - string
-
-
request_routing_ruleset block-
backend_address_pool_idoptional computed - string -
backend_address_pool_nameoptional - string -
backend_http_settings_idoptional computed - string -
backend_http_settings_nameoptional - string -
http_listener_idoptional computed - string -
http_listener_namerequired - string -
idoptional computed - string -
namerequired - string -
redirect_configuration_idoptional computed - string -
redirect_configuration_nameoptional - string -
rewrite_rule_set_idoptional computed - string -
rewrite_rule_set_nameoptional - string -
rule_typerequired - string -
url_path_map_idoptional computed - string -
url_path_map_nameoptional - string
-
-
rewrite_rule_setlist block-
idoptional computed - string -
namerequired - string -
rewrite_rulelist block-
namerequired - string -
rule_sequencerequired - number -
conditionlist block-
ignore_caseoptional - bool -
negateoptional - bool -
patternrequired - string -
variablerequired - string
-
-
request_header_configurationlist block-
header_namerequired - string -
header_valuerequired - string
-
-
response_header_configurationlist block-
header_namerequired - string -
header_valuerequired - string
-
-
urllist block-
pathoptional - string -
query_stringoptional - string -
rerouteoptional - bool
-
-
-
-
skulist block -
ssl_certificatelist block-
dataoptional - string -
idoptional computed - string -
key_vault_secret_idoptional - string -
namerequired - string -
passwordoptional - string -
public_cert_dataoptional computed - string
-
-
ssl_policylist block-
cipher_suitesoptional - list of string -
disabled_protocolsoptional - list of string -
min_protocol_versionoptional - string -
policy_nameoptional - string -
policy_typeoptional - string
-
-
timeoutssingle block -
trusted_root_certificatelist block -
url_path_maplist block-
default_backend_address_pool_idoptional computed - string -
default_backend_address_pool_nameoptional - string -
default_backend_http_settings_idoptional computed - string -
default_backend_http_settings_nameoptional - string -
default_redirect_configuration_idoptional computed - string -
default_redirect_configuration_nameoptional - string -
default_rewrite_rule_set_idoptional computed - string -
default_rewrite_rule_set_nameoptional - string -
idoptional computed - string -
namerequired - string -
path_rulelist block-
backend_address_pool_idoptional computed - string -
backend_address_pool_nameoptional - string -
backend_http_settings_idoptional computed - string -
backend_http_settings_nameoptional - string -
firewall_policy_idoptional - string -
idoptional computed - string -
namerequired - string -
pathsrequired - list of string -
redirect_configuration_idoptional computed - string -
redirect_configuration_nameoptional - string -
rewrite_rule_set_idoptional computed - string -
rewrite_rule_set_nameoptional - string
-
-
-
waf_configurationlist block-
enabledrequired - bool -
file_upload_limit_mboptional - number -
firewall_moderequired - string -
max_request_body_size_kboptional - number -
request_body_checkoptional - bool -
rule_set_typeoptional - string -
rule_set_versionrequired - string -
disabled_rule_grouplist block-
rule_group_namerequired - string -
rulesoptional - list of number
-
-
exclusionlist block-
match_variablerequired - string -
selectoroptional - string -
selector_match_operatoroptional - string
-
-
Explanation in Terraform Registry
Manages an Application Gateway.
Tips: Best Practices for The Other Azure Network Resources
In addition to the azurerm_network_security_group, Azure Network has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
azurerm_network_security_group
Ensure to disable RDP port from the Internet
It is better to disable the RDP port from the Internet. RDP access should not be accepted from the Internet (*, 0.0.0.0, /0, internet, any), and consider using the Azure Bastion Service.
azurerm_network_security_rule
Ensure to set a more restrictive CIDR range for ingress from the internet
It is better to set a more restrictive CIDR range not to use very broad subnets. If possible, segments should be divided into smaller subnets.
azurerm_network_watcher_flow_log
Ensure to enable Retention policy for flow logs and set it to enough duration
It is better to enable a retention policy for flow logs. Flow logs show us all network activity in the cloud environment and support us when we face critical incidents.
Microsoft.Network/applicationGateways (Azure Resource Manager)
The applicationGateways in Microsoft.Network can be configured in Azure Resource Manager with the resource name Microsoft.Network/applicationGateways. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
"type": "Microsoft.Network/applicationGateways",
"location": "[parameters('location')]",
"dependsOn": [
"[variables('virtualNetworkName')]",
"[variables('publicIPAddressName')]"
],
"type": "Microsoft.Network/applicationGateways",
"location": "[parameters('location')]",
"dependsOn": [
"[variables('virtualNetworkName')]",
"[variables('publicIPAddressName')]"
],
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2018-12-01",
"name": "[parameters('applicationGatewayName')]",
"location": "[resourceGroup().location]",
"properties": {
"sku": {
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2019-06-01",
"name": "[parameters('applicationGateways_sf_agt_name')]",
"location": "centralus",
"properties": {
"provisioningState": "Succeeded",
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2019-06-01",
"name": "[variables('name_appGateway')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2019-06-01",
"name": "[variables('name_appGateway')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"type": "Microsoft.Network/applicationGateways",
"location": "[parameters('location')]",
"dependsOn": [
"[parameters('appGtwyPipDomainName')]"
],
"properties": {
"type":"Microsoft.Network/applicationGateways",
"dependsOn":[
"[resourceId('Microsoft.Network/publicIPAddresses/','ag_pub_ip')]"
],
"tags":{
"colony-space-id":"2630148b-8c7e-4003-9d3f-a646c9616009",
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2018-08-01",
"name": "[concat(variables('namespace'), 'appgateway')]",
"location": "[parameters('location')]",
"condition": "[empty(parameters('sslPfxCertificatePassword'))]",
"properties": {
"type": "Microsoft.Network/applicationGateways",
"apiVersion": "2019-06-01",
"location": "[variables('location')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('publicIpAddressName'))]"
],
Parameters
namerequired - stringtyperequired - stringapiVersionrequired - stringlocationrequired - stringResource location.
tagsoptional - stringResource tags.
propertiesrequiredskuoptionalnameoptional - stringName of an application gateway SKU.
tieroptional - stringTier of an application gateway.
capacityoptional - integerCapacity (instance count) of an application gateway.
sslPolicyoptionaldisabledSslProtocolsoptional - arraySsl protocols to be disabled on application gateway.
policyTypeoptional - stringType of Ssl Policy.
policyNameoptional - stringName of Ssl predefined policy.
cipherSuitesoptional - arraySsl cipher suites to be enabled in the specified order to application gateway.
minProtocolVersionoptional - stringMinimum version of Ssl protocol to be supported on application gateway.
gatewayIPConfigurationsoptional arraypropertiesoptionalsubnetoptionalidrequired - stringResource ID.
nameoptional - stringName of the IP configuration that is unique within an Application Gateway.
authenticationCertificatesoptional arraypropertiesoptionaldataoptional - stringCertificate public data.
nameoptional - stringName of the authentication certificate that is unique within an Application Gateway.
trustedRootCertificatesoptional arraypropertiesoptionaldataoptional - stringCertificate public data.
keyVaultSecretIdoptional - stringSecret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
nameoptional - stringName of the trusted root certificate that is unique within an Application Gateway.
trustedClientCertificatesoptional arraypropertiesoptionaldataoptional - stringCertificate public data.
nameoptional - stringName of the trusted client certificate that is unique within an Application Gateway.
sslCertificatesoptional arraypropertiesoptionaldataoptional - stringBase-64 encoded pfx certificate. Only applicable in PUT Request.
passwordoptional - stringPassword for the pfx file specified in data. Only applicable in PUT request.
keyVaultSecretIdoptional - stringSecret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault.
nameoptional - stringName of the SSL certificate that is unique within an Application Gateway.
frontendIPConfigurationsoptional arraypropertiesoptionalprivateIPAddressoptional - stringPrivateIPAddress of the network interface IP Configuration.
privateIPAllocationMethodoptional - stringThe private IP address allocation method.
subnetoptionalidrequired - stringResource ID.
publicIPAddressoptionalidrequired - stringResource ID.
privateLinkConfigurationoptionalidrequired - stringResource ID.
nameoptional - stringName of the frontend IP configuration that is unique within an Application Gateway.
frontendPortsoptional arraypropertiesoptionalportoptional - integerFrontend port.
nameoptional - stringName of the frontend port that is unique within an Application Gateway.
probesoptional arraypropertiesoptionalprotocoloptional - stringThe protocol used for the probe.
hostoptional - stringHost name to send the probe to.
pathoptional - stringRelative path of probe. Valid path starts from '/'. Probe is sent to <Protocol>://<host>:<port><path>.
intervaloptional - integerThe probing interval in seconds. This is the time interval between two consecutive probes. Acceptable values are from 1 second to 86400 seconds.
timeoutoptional - integerThe probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Acceptable values are from 1 second to 86400 seconds.
unhealthyThresholdoptional - integerThe probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Acceptable values are from 1 second to 20.
pickHostNameFromBackendHttpSettingsoptional - booleanWhether the host header should be picked from the backend http settings. Default value is false.
minServersoptional - integerMinimum number of servers that are always marked healthy. Default value is 0.
matchoptionalbodyoptional - stringBody that must be contained in the health response. Default value is empty.
statusCodesoptional - arrayAllowed ranges of healthy status codes. Default range of healthy status codes is 200-399.
portoptional - integerCustom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used. This property is valid for Standard_v2 and WAF_v2 only.
nameoptional - stringName of the probe that is unique within an Application Gateway.
backendAddressPoolsoptional arraypropertiesoptionalbackendAddressesoptional arrayfqdnoptional - stringFully qualified domain name (FQDN).
ipAddressoptional - stringIP address.
nameoptional - stringName of the backend address pool that is unique within an Application Gateway.
backendHttpSettingsCollectionoptional arraypropertiesoptionalportoptional - integerThe destination port on the backend.
protocoloptional - stringThe protocol used to communicate with the backend.
cookieBasedAffinityoptional - stringCookie based affinity.
requestTimeoutoptional - integerRequest timeout in seconds. Application Gateway will fail the request if response is not received within RequestTimeout. Acceptable values are from 1 second to 86400 seconds.
probeoptionalidrequired - stringResource ID.
authenticationCertificatesoptional arrayidrequired - stringResource ID.
trustedRootCertificatesoptional arrayidrequired - stringResource ID.
connectionDrainingoptionalenabledrequired - booleanWhether connection draining is enabled or not.
drainTimeoutInSecrequired - integerThe number of seconds connection draining is active. Acceptable values are from 1 second to 3600 seconds.
hostNameoptional - stringHost header to be sent to the backend servers.
pickHostNameFromBackendAddressoptional - booleanWhether to pick host header should be picked from the host name of the backend server. Default value is false.
affinityCookieNameoptional - stringCookie name to use for the affinity cookie.
probeEnabledoptional - booleanWhether the probe is enabled. Default value is false.
pathoptional - stringPath which should be used as a prefix for all HTTP requests. Null means no path will be prefixed. Default value is null.
nameoptional - stringName of the backend http settings that is unique within an Application Gateway.
httpListenersoptional arraypropertiesoptionalfrontendIPConfigurationoptionalidrequired - stringResource ID.
frontendPortoptionalidrequired - stringResource ID.
protocoloptional - stringProtocol of the HTTP listener.
hostNameoptional - stringHost name of HTTP listener.
sslCertificateoptionalidrequired - stringResource ID.
sslProfileoptionalidrequired - stringResource ID.
requireServerNameIndicationoptional - booleanApplicable only if protocol is https. Enables SNI for multi-hosting.
customErrorConfigurationsoptional arraystatusCodeoptional - stringStatus code of the application gateway customer error.
customErrorPageUrloptional - stringError page URL of the application gateway customer error.
firewallPolicyoptionalidrequired - stringResource ID.
hostNamesoptional - arrayList of Host names for HTTP Listener that allows special wildcard characters as well.
nameoptional - stringName of the HTTP listener that is unique within an Application Gateway.
sslProfilesoptional arraypropertiesoptionaltrustedClientCertificatesoptional arrayidrequired - stringResource ID.
sslPolicyoptionaldisabledSslProtocolsoptional - arraySsl protocols to be disabled on application gateway.
policyTypeoptional - stringType of Ssl Policy.
policyNameoptional - stringName of Ssl predefined policy.
cipherSuitesoptional - arraySsl cipher suites to be enabled in the specified order to application gateway.
minProtocolVersionoptional - stringMinimum version of Ssl protocol to be supported on application gateway.
clientAuthConfigurationoptionalverifyClientCertIssuerDNoptional - booleanVerify client certificate issuer name on the application gateway.
nameoptional - stringName of the SSL profile that is unique within an Application Gateway.
urlPathMapsoptional arraypropertiesoptionaldefaultBackendAddressPooloptionalidrequired - stringResource ID.
defaultBackendHttpSettingsoptionalidrequired - stringResource ID.
defaultRewriteRuleSetoptionalidrequired - stringResource ID.
defaultRedirectConfigurationoptionalidrequired - stringResource ID.
pathRulesoptional arraypropertiesoptionalpathsoptional - arrayPath rules of URL path map.
backendAddressPooloptionalidrequired - stringResource ID.
backendHttpSettingsoptionalidrequired - stringResource ID.
redirectConfigurationoptionalidrequired - stringResource ID.
rewriteRuleSetoptionalidrequired - stringResource ID.
firewallPolicyoptionalidrequired - stringResource ID.
nameoptional - stringName of the path rule that is unique within an Application Gateway.
nameoptional - stringName of the URL path map that is unique within an Application Gateway.
requestRoutingRulesoptional arraypropertiesoptionalruleTypeoptional - stringRule type.
priorityoptional - integerPriority of the request routing rule.
backendAddressPooloptionalidrequired - stringResource ID.
backendHttpSettingsoptionalidrequired - stringResource ID.
httpListeneroptionalidrequired - stringResource ID.
urlPathMapoptionalidrequired - stringResource ID.
rewriteRuleSetoptionalidrequired - stringResource ID.
redirectConfigurationoptionalidrequired - stringResource ID.
nameoptional - stringName of the request routing rule that is unique within an Application Gateway.
rewriteRuleSetsoptional arraypropertiesoptionalrewriteRulesoptional arraynameoptional - stringName of the rewrite rule that is unique within an Application Gateway.
ruleSequenceoptional - integerRule Sequence of the rewrite rule that determines the order of execution of a particular rule in a RewriteRuleSet.
conditionsoptional arrayvariableoptional - stringThe condition parameter of the RewriteRuleCondition.
patternoptional - stringThe pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignoreCaseoptional - booleanSetting this parameter to truth value with force the pattern to do a case in-sensitive comparison.
negateoptional - booleanSetting this value as truth will force to check the negation of the condition given by the user.
actionSetoptionalrequestHeaderConfigurationsoptional arrayheaderNameoptional - stringHeader name of the header configuration.
headerValueoptional - stringHeader value of the header configuration.
responseHeaderConfigurationsoptional arrayheaderNameoptional - stringHeader name of the header configuration.
headerValueoptional - stringHeader value of the header configuration.
urlConfigurationoptionalmodifiedPathoptional - stringUrl path which user has provided for url rewrite. Null means no path will be updated. Default value is null.
modifiedQueryStringoptional - stringQuery string which user has provided for url rewrite. Null means no query string will be updated. Default value is null.
rerouteoptional - booleanIf set as true, it will re-evaluate the url path map provided in path based request routing rules using modified path. Default value is false.
nameoptional - stringName of the rewrite rule set that is unique within an Application Gateway.
redirectConfigurationsoptional arraypropertiesoptionalredirectTypeoptional - stringHTTP redirection type.
targetListeneroptionalidrequired - stringResource ID.
targetUrloptional - stringUrl to redirect the request to.
includePathoptional - booleanInclude path in the redirected url.
includeQueryStringoptional - booleanInclude query string in the redirected url.
requestRoutingRulesoptional arrayidrequired - stringResource ID.
urlPathMapsoptional arrayidrequired - stringResource ID.
pathRulesoptional arrayidrequired - stringResource ID.
nameoptional - stringName of the redirect configuration that is unique within an Application Gateway.
webApplicationFirewallConfigurationoptionalenabledrequired - booleanWhether the web application firewall is enabled or not.
firewallModerequired - stringWeb application firewall mode.
ruleSetTyperequired - stringThe type of the web application firewall rule set. Possible values are: 'OWASP'.
ruleSetVersionrequired - stringThe version of the rule set type.
disabledRuleGroupsoptional arrayruleGroupNamerequired - stringThe name of the rule group that will be disabled.
rulesoptional - arrayThe list of rules that will be disabled. If null, all rules of the rule group will be disabled.
requestBodyCheckoptional - booleanWhether allow WAF to check request Body.
maxRequestBodySizeoptional - integerMaximum request body size for WAF.
maxRequestBodySizeInKboptional - integerMaximum request body size in Kb for WAF.
fileUploadLimitInMboptional - integerMaximum file upload size in Mb for WAF.
exclusionsoptional arraymatchVariablerequired - stringThe variable to be excluded.
selectorMatchOperatorrequired - stringWhen matchVariable is a collection, operate on the selector to specify which elements in the collection this exclusion applies to.
selectorrequired - stringWhen matchVariable is a collection, operator used to specify which elements in the collection this exclusion applies to.
firewallPolicyoptionalidrequired - stringResource ID.
enableHttp2optional - booleanWhether HTTP2 is enabled on the application gateway resource.
enableFipsoptional - booleanWhether FIPS is enabled on the application gateway resource.
autoscaleConfigurationoptionalminCapacityrequired - integerLower bound on number of Application Gateway capacity.
maxCapacityoptional - integerUpper bound on number of Application Gateway capacity.
privateLinkConfigurationsoptional arraypropertiesoptionalipConfigurationsoptional arraypropertiesoptionalprivateIPAddressoptional - stringThe private IP address of the IP configuration.
privateIPAllocationMethodoptional - stringThe private IP address allocation method.
subnetoptionalidrequired - stringResource ID.
primaryoptional - booleanWhether the ip configuration is primary or not.
nameoptional - stringThe name of application gateway private link ip configuration.
nameoptional - stringName of the private link configuration that is unique within an Application Gateway.
customErrorConfigurationsoptional arraystatusCodeoptional - stringStatus code of the application gateway customer error.
customErrorPageUrloptional - stringError page URL of the application gateway customer error.
forceFirewallPolicyAssociationoptional - booleanIf true, associates a firewall policy with an application gateway regardless whether the policy differs from the WAF Config.
zonesoptional - arrayA list of availability zones denoting where the resource needs to come from.
identityoptionaltypeoptional - stringThe type of identity used for the resource. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine.
userAssignedIdentitiesoptional - undefinedThe list of user identities associated with resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'.
Frequently asked questions
What is Azure Network Application Gateway?
Azure Network Application Gateway is a resource for Network of Microsoft Azure. Settings can be wrote in Terraform.
Where can I find the example code for the Azure Network Application Gateway?
For Terraform, the Checkmarx/kics, leonidweinbergcx/mykics and fortunkam/aks-public-cluster source code examples are useful. See the Terraform Example section for further details.
For Azure Resource Manager, the RaymondHartog/init-yapl-demo, RaymondHartog/init-yapl-demo and Mski89/Nested source code examples are useful. See the Azure Resource Manager Example section for further details.
