| title | description | author | ms.service | ms.topic | ms.date | ms.author | ms.custom |
|---|---|---|---|---|---|---|---|
Azure PowerShell Script Sample - Create WAF custom rules |
Azure PowerShell Script Sample - Create Web Application Firewall custom rules |
greg-lindsay |
application-gateway |
sample |
6/7/2019 |
greglin |
devx-track-azurepowershell |
This script creates an Application Gateway Web Application Firewall that uses custom rules. The custom rule blocks traffic if the request header contains User-Agent evilbot.
If you choose to install and use Azure PowerShell locally, this script requires the Azure PowerShell module version 2.1.0 or later.
- To find the version, run
Get-Module -ListAvailable Az. If you need to upgrade, see Install Azure PowerShell module. - To create a connection with Azure, run
Connect-AzAccount.
[!INCLUDE quickstarts-free-trial-note]
[!code-powershellmain]
Run the following command to remove the resource group, application gateway, and all related resources.
Remove-AzResourceGroup -Name CustomRulesTestThis script uses the following commands to create the deployment. Each item in the table links to command specific documentation.
| Command | Notes |
|---|---|
| New-AzResourceGroup | Creates a resource group in which all resources are stored. |
| New-AzVirtualNetworkSubnetConfig | Creates the subnet configuration. |
| New-AzVirtualNetwork | Creates the virtual network using with the subnet configurations. |
| New-AzPublicIpAddress | Creates the public IP address for the application gateway. |
| New-AzApplicationGatewayIPConfiguration | Creates the configuration that associates a subnet with the application gateway. |
| New-AzApplicationGatewayFrontendIPConfig | Creates the configuration that assigns a public IP address to the application gateway. |
| New-AzApplicationGatewayFrontendPort | Assigns a port to be used to access the application gateway. |
| New-AzApplicationGatewayBackendAddressPool | Creates a backend pool for an application gateway. |
| New-AzApplicationGatewayBackendHttpSettings | Configures settings for a backend pool. |
| New-AzApplicationGatewayHttpListener | Creates a listener. |
| New-AzApplicationGatewayRequestRoutingRule | Creates a routing rule. |
| New-AzApplicationGatewaySku | Specify the tier and capacity for an application gateway. |
| New-AzApplicationGateway | Create an application gateway. |
| Remove-AzResourceGroup | Removes a resource group and all resources contained within. |
| New-AzApplicationGatewayAutoscaleConfiguration | Creates an autoscale configuration for the Application Gateway. |
| New-AzApplicationGatewayFirewallMatchVariable | Creates a match variable for firewall condition. |
| New-AzApplicationGatewayFirewallCondition | Creates a match condition for custom rule. |
| New-AzApplicationGatewayFirewallCustomRule | Creates a new custom rule for the application gateway firewall policy. |
| New-AzApplicationGatewayFirewallPolicy | Creates a application gateway firewall policy. |
| New-AzApplicationGatewayWebApplicationFirewallConfiguration | Creates a WAF configuration for an application gateway. |
- For more information about WAF custom rules, see Custom rules for Web Application Firewall
- For more information on the Azure PowerShell module, see Azure PowerShell documentation.
- Additional application gateway PowerShell script samples can be found in the Azure Application Gateway documentation.