Skip to content

Application Gateway

See below for an example of an application gateway configuration. Tags are used to identify the resources that will be added to the application gateway's backend address pool.

Application Gateway Variables Example

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
agws = {
    myagw = {
        name = "agw-epic-eus2-np"
        resource_group = "network"
        gateway_ip_configuration = [{
            name = "agw-gic-epic-eus2-np"
            subnet = "sharedinfra.agw"
        }]
        frontend_ip_configuration = [{
            name = "agw-gic-epic-eus2-np"
            public_ip_address = "agw"
        }]
        probe = [{}]
        ssl_certificate = [{}]
        trusted_root_certificate = [{}]
        backend_address_pool = [
            {
                name = "backend_address_hsw"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "hsw"
                    }
                }
            },
            {
                name = "backend_address_slic"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "slic"
                    }
                }
            },
            {
                name = "backend_address_wbs"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "wbs"
                    }
                }
            },
            {
                name = "backend_address_eds"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "eds"
                    }
                }
            },
            {
                name = "backend_address_erpx"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "erpx"
                    }
                }
            },
            {
                name = "backend_address_icfg"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "icfg"
                    }
                }
            },
            {
                name = "backend_address_rpx"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "rpx"
                    }
                }
            },
            {
                name = "backend_address_wbs"
                target = {
                    vm_tag = {
                        key = "backend_address_pool"
                        value = "wbs"
                    }
                }
            }
        ]
        backend_http_settings = [
            {
                name = "backend_https_hsw"
                host_name = "agw.ibx.com"
                affinity_cookie_name = "hsw-affinitycookie"
                connection_draining = {}
            },
            {
                name = "backend_https_slic"
                host_name = "agw.ibx.com"
                affinity_cookie_name = "slic-affinitycookie"
                connection_draining = {}
            },
            {
                name = "backend_https_wbs"
                host_name = "agw.ibx.com"
            },
            {
                name = "backend_https_eds"
                host_name = "agw.ibx.com"
            },
            {
                name = "backend_https_erpx"
                host_name = "agw.ibx.com"
            },
            {
                name = "backend_https_icfg"
                host_name = "agw.ibx.com"
            },
            {
                name = "backend_https_rpx"
                host_name = "agw.ibx.com"
            }
        ]
        http_listener = [
            {
                name = "http_listener_hsw"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["hsw.sapphirehealth.org"]
            },
            {
                name = "https_listener_hsw"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["hsw.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_slic"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["slic.sapphirehealth.org"]
            },
            {
                name = "https_listener_slic"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["slic.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_wbs"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["wbs.sapphirehealth.org"]
            },
            {
                name = "https_listener_wbs"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["wbs.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_eds"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["eds.sapphirehealth.org"]
            },
            {
                name = "https_listener_eds"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["eds.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_erpx"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["erpx.sapphirehealth.org"]
            },
            {
                name = "https_listener_erpx"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["erpx.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_icfg"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["icfg.sapphirehealth.org"]
            },
            {
                name = "https_listener_icfg"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["icfg.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            },
            {
                name = "http_listener_rpx"
                frontend_port_name = "port_80"
                protocol = "Http"
                host_names = ["rpx.sapphirehealth.org"]
            },
            {
                name = "https_listener_rpx"
                frontend_port_name = "port_443"
                protocol = "Https"
                host_names = ["rpx.sapphirehealth.org"]
                ssl_certificate_name = "default_listener"
            }
        ]
        redirect_configuration = [
            {
                name = "redirect_80_to_443_hsw"
                target_listener_name = "https_listener_hsw"
            },
            {
                name = "redirect_80_to_443_slic"
                target_listener_name = "https_listener_slic"
            },
            {
                name = "redirect_80_to_443_wbs"
                target_listener_name = "https_listener_wbs"
            },
            {
                name = "redirect_80_to_443_eds"
                target_listener_name = "https_listener_eds"
            },
            {
                name = "redirect_80_to_443_erpx"
                target_listener_name = "https_listener_erpx"
            },
            {
                name = "redirect_80_to_443_icfg"
                target_listener_name = "https_listener_icfg"
            },
            {
                name = "redirect_80_to_443_rpx"
                target_listener_name = "https_listener_rpx"
            }
        ]
        request_routing_rule = [
            {
                name = "hsw_http"
                priority = 10
                rule_type = "Basic"
                http_listener_name = "http_listener_hsw"
                redirect_configuration_name = "redirect_80_to_443_hsw"
            },
            {
                name = "hsw_https"
                priority = 20
                rule_type = "Basic"
                http_listener_name = "https_listener_hsw"
                backend_address_pool_name = "backend_address_hsw"
                backend_http_settings_name = "backend_https_hsw"
            },
            {
                name = "slic_http"
                priority = 30
                rule_type = "Basic"
                http_listener_name = "http_listener_slic"
                redirect_configuration_name = "redirect_80_to_443_slic"
            },
            {
                name = "slic_https"
                priority = 40
                rule_type = "Basic"
                http_listener_name = "https_listener_slic"
                backend_address_pool_name = "backend_address_slic"
                backend_http_settings_name = "backend_https_slic"
            },
            {
                name = "wbs_http"
                priority = 50
                rule_type = "Basic"
                http_listener_name = "http_listener_wbs"
                redirect_configuration_name = "redirect_80_to_443_wbs"
            },
            {
                name = "wbs_https"
                priority = 60
                rule_type = "Basic"
                http_listener_name = "https_listener_wbs"
                backend_address_pool_name = "backend_address_wbs"
                backend_http_settings_name = "backend_https_wbs"
            },
            {
                name = "eds_http"
                priority = 70
                rule_type = "Basic"
                http_listener_name = "http_listener_eds"
                redirect_configuration_name = "redirect_80_to_443_eds"
            },
            {
                name = "eds_https"
                priority = 80
                rule_type = "Basic"
                http_listener_name = "https_listener_eds"
                backend_address_pool_name = "backend_address_eds"
                backend_http_settings_name = "backend_https_eds"
            },
            {
                name = "erpx_http"
                priority = 90
                rule_type = "Basic"
                http_listener_name = "http_listener_erpx"
                redirect_configuration_name = "redirect_80_to_443_erpx"
            },
            {
                name = "erpx_https"
                priority = 100
                rule_type = "Basic"
                http_listener_name = "https_listener_erpx"
                backend_address_pool_name = "backend_address_erpx"
                backend_http_settings_name = "backend_https_erpx"
            },
            {
                name = "icfg_http"
                priority = 110
                rule_type = "Basic"
                http_listener_name = "http_listener_icfg"
                redirect_configuration_name = "redirect_80_to_443_icfg"
            },
            {
                name = "icfg_https"
                priority = 120
                rule_type = "Basic"
                http_listener_name = "https_listener_icfg"
                backend_address_pool_name = "backend_address_icfg"
                backend_http_settings_name = "backend_https_icfg"
            },
            {
                name = "rpx_http"
                priority = 130
                rule_type = "Basic"
                http_listener_name = "http_listener_rpx"
                redirect_configuration_name = "redirect_80_to_443_rpx"
            },
            {
                name = "rpx_https"
                priority = 140
                rule_type = "Basic"
                http_listener_name = "https_listener_rpx"
                backend_address_pool_name = "backend_address_rpx"
                backend_http_settings_name = "backend_https_rpx"
            }
        ]
    }
}

VM Tags Example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
windows_vms = {
    hsw_z1 = {
        names = [
            "HSW1TEST",
            "HSW2TEST"
        ]
        zones = ["1"]
        size = "Standard_D2s_v4"
        virtual_machine_scale_set = "testvmss"
        resource_group = "hsw"
        nics = {
            primary = {
                ip_configuration = [{
                    subnet = "main.hsw"
                }]
            }
        }
        boot_diagnostics = {
            storage_account = "diag2"
        }
        tags = {
            application = "hsw"
            backend_address_pool = "hsw"
        }
    }
    hsw_z2 = {
        ##Hyperspace Web Servers##
        names = [
            "HSW3TEST",
            "HSW4TEST"
        ]
        zones = ["2"]
        size = "Standard_D2s_v4"
        virtual_machine_scale_set = "testvmss"
        resource_group = "hsw"
        nics = {
            primary = {
                ip_configuration = [{
                    subnet = "main.hsw"
                }]
            }
        }
        boot_diagnostics = {
            storage_account = "diag2"
        }
        tags = {
            application = "hsw"
            backend_address_pool = "hsw"
        }
    }