title: Azure PowerShell Script Sample - Restrict web traffic | Microsoft Docs description: Azure PowerShell Script Sample - Create an application gateway with a web application firewall and a virtual machine scale set that uses OWASP rules to restrict traffic. services: application-gateway documentationcenter: networking author: vhorne manager: jpconnock editor: tysonn tags: azure-resource-manager
ms.service: application-gateway ms.topic: sample ms.tgt_pltfrm: vm-windows ms.workload: infrastructure ms.date: 01/29/2018 ms.author: victorh ms.custom: mvc
This script creates an application gateway with a web application firewall that uses a virtual machine scale set for backend servers. The web application firewall restricts web traffic based on OWASP rules. After running the script, you can test the application gateway using its public IP address.
[!INCLUDE sample-powershell-install]
[!INCLUDE quickstarts-free-trial-note]
[!code-powershellmain]
Run the following command to remove the resource group, application gateway, and all related resources.
Remove-AzureRmResourceGroup -Name myResourceGroupAGThis script uses the following commands to create the deployment. Each item in the table links to command specific documentation.
| Command | Notes |
|---|---|
| New-AzureRmResourceGroup | Creates a resource group in which all resources are stored. |
| New-AzureRmVirtualNetworkSubnetConfig | Creates the subnet configuration. |
| New-AzureRmVirtualNetwork | Creates the virtual network using with the subnet configurations. |
| New-AzureRmPublicIpAddress | Creates the public IP address for the application gateway. |
| New-AzureRmApplicationGatewayIPConfiguration | Creates the configuration that associates a subnet with the application gateway. |
| New-AzureRmApplicationGatewayFrontendIPConfig | Creates the configuration that assigns a public IP address to the application gateway. |
| New-AzureRmApplicationGatewayFrontendPort | Assigns a port to be used to access the application gateway. |
| New-AzureRmApplicationGatewayBackendAddressPool | Creates a backend pool for an application gateway. |
| New-AzureRmApplicationGatewayBackendHttpSettings | Configures settings for a backend pool. |
| New-AzureRmApplicationGatewayHttpListener | Creates a listener. |
| New-AzureRmApplicationGatewayRequestRoutingRule | Creates a routing rule. |
| New-AzureRmApplicationGatewaySku | Specify the tier and capacity for an application gateway. |
| New-AzureRmApplicationGatewayWebApplicationFirewallConfiguration | Creates the web application firewall configuration. |
| New-AzureRmApplicationGateway | Create an application gateway. |
| Set-AzureRmVmssStorageProfile | Create a storage profile for the scale set. |
| Set-AzureRmVmssOsProfile | Define the operating system for the scale set. |
| Add-AzureRmVmssNetworkInterfaceConfiguration | Define the network interface for the scale set. |
| New-AzureRmVmss | Create a virtual machine scale set. |
| New-AzureRmStorageAccount | Creates a storage account. |
| Set-AzureRmDiagnosticSetting | Configures diagnostics to record data. |
| Get-AzureRmPublicIPAddress | Gets the public IP address of an application gateway. |
| Remove-AzureRmResourceGroup | Removes a resource group and all resources contained within. |
For more information on the Azure PowerShell module, see Azure PowerShell documentation.
Additional application gateway PowerShell script samples can be found in the Azure Application Gateway documentation.