az network application-gateway

Manage application-level routing and load balancing services.

To learn more about Application Gateway, visit https://learn.microsoft.com/en-us/azure/application-gateway/quick-create-cli.

Commands

Name	Description	Type	Status
az network application-gateway address-pool	Manage address pools of an application gateway.	Core	GA
az network application-gateway address-pool create	Create an address pool.	Core	GA
az network application-gateway address-pool delete	Delete an address pool.	Core	GA
az network application-gateway address-pool list	List address pools.	Core	GA
az network application-gateway address-pool show	Get the details of an address pool.	Core	GA
az network application-gateway address-pool update	Update an address pool.	Core	GA
az network application-gateway address-pool wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway auth-cert	Manage authorization certificates of an application gateway.	Core	GA
az network application-gateway auth-cert create	Create an authorization certificate.	Core	GA
az network application-gateway auth-cert delete	Delete an authorization certificate.	Core	GA
az network application-gateway auth-cert list	List authorization certificates.	Core	GA
az network application-gateway auth-cert show	Show an authorization certificate.	Core	GA
az network application-gateway auth-cert update	Update an authorization certificate.	Core	GA
az network application-gateway auth-cert wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway client-cert	Manage trusted client certificates of application gateway.	Core	GA
az network application-gateway client-cert add	Add trusted client certificate of the application gateway.	Core	GA
az network application-gateway client-cert list	List the existing trusted client certificates of the application gateway.	Core	GA
az network application-gateway client-cert remove	Remove an existing trusted client certificate of the application gateway.	Core	GA
az network application-gateway client-cert show	Show an existing trusted client certificate of the application gateway.	Core	GA
az network application-gateway client-cert update	Update trusted client certificate of the application gateway.	Core	GA
az network application-gateway client-cert wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway create	Create an application gateway.	Core	GA
az network application-gateway delete	Delete an application gateway.	Core	GA
az network application-gateway frontend-ip	Manage frontend IP addresses of an application gateway.	Core	GA
az network application-gateway frontend-ip create	Create a frontend IP address.	Core	GA
az network application-gateway frontend-ip delete	Delete a frontend IP address.	Core	GA
az network application-gateway frontend-ip list	List frontend IP addresses.	Core	GA
az network application-gateway frontend-ip show	Get the details of a frontend IP address.	Core	GA
az network application-gateway frontend-ip update	Update a frontend IP address.	Core	GA
az network application-gateway frontend-ip wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway frontend-port	Manage frontend ports of an application gateway.	Core	GA
az network application-gateway frontend-port create	Create a frontend port.	Core	GA
az network application-gateway frontend-port delete	Delete a frontend port.	Core	GA
az network application-gateway frontend-port list	List frontend ports.	Core	GA
az network application-gateway frontend-port show	Get the details of a frontend port.	Core	GA
az network application-gateway frontend-port update	Update a frontend port.	Core	GA
az network application-gateway frontend-port wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway http-listener	Manage HTTP listeners of an application gateway.	Core	GA
az network application-gateway http-listener create	Create an HTTP listener.	Core	GA
az network application-gateway http-listener delete	Delete an HTTP listener.	Core	GA
az network application-gateway http-listener list	List HTTP listeners.	Core	GA
az network application-gateway http-listener show	Get the details of an HTTP listener.	Core	GA
az network application-gateway http-listener update	Update an HTTP listener.	Core	GA
az network application-gateway http-listener wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway http-settings	Manage HTTP settings of an application gateway.	Core	GA
az network application-gateway http-settings create	Create HTTP settings.	Core	GA
az network application-gateway http-settings delete	Delete HTTP settings.	Core	GA
az network application-gateway http-settings list	List HTTP settings.	Core	GA
az network application-gateway http-settings show	Get the details of HTTP settings.	Core	GA
az network application-gateway http-settings update	Update HTTP settings.	Core	GA
az network application-gateway http-settings wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway identity	Manage the managed service identity of an application gateway.	Core	GA
az network application-gateway identity assign	Assign a managed service identity to an application gateway.	Core	GA
az network application-gateway identity remove	Remove the managed service identity of an application-gateway.	Core	GA
az network application-gateway identity show	Show the managed service identity of an application gateway.	Core	GA
az network application-gateway identity wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway list	List application gateways.	Core	GA
az network application-gateway listener	Manage listeners of an application gateway.	Core	GA
az network application-gateway listener create	Create a listener.	Core	GA
az network application-gateway listener delete	Delete a listener.	Core	GA
az network application-gateway listener list	List listeners.	Core	GA
az network application-gateway listener show	Get the details of a listener.	Core	GA
az network application-gateway listener update	Update a listener.	Core	GA
az network application-gateway listener wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway private-link	Manage private link of an application gateway.	Core	GA
az network application-gateway private-link add	Add a new private link with a default IP configuration and associate it with an existing frontend IP.	Core	Preview
az network application-gateway private-link ip-config	Manage IP configuration of a private link to configure its capability.	Core	Preview
az network application-gateway private-link ip-config add	Add an IP configuration to a private link to scale up its capability.	Core	Preview
az network application-gateway private-link ip-config list	List all the IP configurations of a private link.	Core	Preview
az network application-gateway private-link ip-config remove	Remove an IP configuration from a private link to scale down its capability.	Core	Preview
az network application-gateway private-link ip-config show	Show an IP configuration of a private link.	Core	Preview
az network application-gateway private-link ip-config wait	Place the CLI in a waiting state until a condition is met.	Core	Preview
az network application-gateway private-link list	List all the private links.	Core	Preview
az network application-gateway private-link remove	Remove a private link and clear association with Frontend IP. The subnet associate with a private link might need to clear manually.	Core	Preview
az network application-gateway private-link show	Show a private link.	Core	Preview
az network application-gateway private-link wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway probe	Manage probes to gather and evaluate information on an application gateway.	Core	GA
az network application-gateway probe create	Create a probe.	Core	GA
az network application-gateway probe delete	Delete a probe.	Core	GA
az network application-gateway probe list	List probes.	Core	GA
az network application-gateway probe show	Get the details of a probe.	Core	GA
az network application-gateway probe update	Update a probe.	Core	GA
az network application-gateway probe wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway redirect-config	Manage redirect configurations of an application gateway.	Core	GA
az network application-gateway redirect-config create	Create a redirect configuration.	Core	GA
az network application-gateway redirect-config delete	Delete a redirect configuration.	Core	GA
az network application-gateway redirect-config list	List redirect configurations.	Core	GA
az network application-gateway redirect-config show	Get the details of a redirect configuration.	Core	GA
az network application-gateway redirect-config update	Update a redirect configuration.	Core	GA
az network application-gateway redirect-config wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway rewrite-rule	Manage rewrite rules of an application gateway.	Core	GA
az network application-gateway rewrite-rule condition	Manage rewrite rule conditions of an application gateway.	Core	GA
az network application-gateway rewrite-rule condition create	Create a rewrite rule condition.	Core	GA
az network application-gateway rewrite-rule condition delete	Delete a rewrite rule condition.	Core	GA
az network application-gateway rewrite-rule condition list	List rewrite rule conditions.	Core	GA
az network application-gateway rewrite-rule condition list-server-variables	List all available server variables.	Core	GA
az network application-gateway rewrite-rule condition show	Get the details of a rewrite rule condition.	Core	GA
az network application-gateway rewrite-rule condition update	Update a rewrite rule condition.	Core	GA
az network application-gateway rewrite-rule condition wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway rewrite-rule create	Create a rewrite rule.	Core	GA
az network application-gateway rewrite-rule delete	Delete a rewrite rule.	Core	GA
az network application-gateway rewrite-rule list	List rewrite rules.	Core	GA
az network application-gateway rewrite-rule list-request-headers	List all available request headers.	Core	GA
az network application-gateway rewrite-rule list-response-headers	List all available response headers.	Core	GA
az network application-gateway rewrite-rule set	Manage rewrite rule sets of an application gateway.	Core	GA
az network application-gateway rewrite-rule set create	Create a rewrite rule set.	Core	GA
az network application-gateway rewrite-rule set delete	Delete a rewrite rule set.	Core	GA
az network application-gateway rewrite-rule set list	List rewrite rule sets.	Core	GA
az network application-gateway rewrite-rule set show	Get the details of a rewrite rule set.	Core	GA
az network application-gateway rewrite-rule set update	Update a rewrite rule set.	Core	GA
az network application-gateway rewrite-rule set wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway rewrite-rule show	Get the details of a rewrite rule.	Core	GA
az network application-gateway rewrite-rule update	Update a rewrite rule.	Core	GA
az network application-gateway rewrite-rule wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway root-cert	Manage trusted root certificates of an application gateway.	Core	GA
az network application-gateway root-cert create	Upload a trusted root certificate.	Core	GA
az network application-gateway root-cert delete	Delete a trusted root certificate.	Core	GA
az network application-gateway root-cert list	List trusted root certificates.	Core	GA
az network application-gateway root-cert show	Get the details of a trusted root certificate.	Core	GA
az network application-gateway root-cert update	Update a trusted root certificate.	Core	GA
az network application-gateway root-cert wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway routing-rule	Evaluate probe information and define TCP/TLS routing rules.	Core	GA
az network application-gateway routing-rule create	Create a rule.	Core	GA
az network application-gateway routing-rule delete	Delete a rule.	Core	GA
az network application-gateway routing-rule list	List rules.	Core	GA
az network application-gateway routing-rule show	Get the details of a rule.	Core	GA
az network application-gateway routing-rule update	Update a rule.	Core	GA
az network application-gateway routing-rule wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway rule	Evaluate probe information and define HTTP/HTTPS routing rules.	Core	GA
az network application-gateway rule create	Create a rule.	Core	GA
az network application-gateway rule delete	Delete a rule.	Core	GA
az network application-gateway rule list	List rules.	Core	GA
az network application-gateway rule show	Get the details of a rule.	Core	GA
az network application-gateway rule update	Update a rule.	Core	GA
az network application-gateway rule wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway settings	Manage settings of an application gateway.	Core	GA
az network application-gateway settings create	Create settings.	Core	GA
az network application-gateway settings delete	Delete settings.	Core	GA
az network application-gateway settings list	List settings.	Core	GA
az network application-gateway settings show	Get the details of settings.	Core	GA
az network application-gateway settings update	Update settings.	Core	GA
az network application-gateway settings wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway show	Get the details of an application gateway.	Core	GA
az network application-gateway show-backend-health	Get information on the backend health of an application gateway.	Core	GA
az network application-gateway ssl-cert	Manage SSL certificates of an application gateway.	Core	GA
az network application-gateway ssl-cert create	Upload an SSL certificate.	Core	GA
az network application-gateway ssl-cert delete	Delete an SSL certificate.	Core	GA
az network application-gateway ssl-cert list	List SSL certificates.	Core	GA
az network application-gateway ssl-cert show	Get the details of an SSL certificate.	Core	GA
az network application-gateway ssl-cert update	Update an SSL certificate.	Core	GA
az network application-gateway ssl-cert wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway ssl-policy	Manage the SSL policy of an application gateway.	Core	GA
az network application-gateway ssl-policy list-options	List available SSL options for configuring SSL policy.	Core	GA
az network application-gateway ssl-policy predefined	Get information on predefined SSL policies.	Core	GA
az network application-gateway ssl-policy predefined list	List all SSL predefined policies for configuring SSL policy.	Core	GA
az network application-gateway ssl-policy predefined show	Get SSL predefined policy with the specified policy name.	Core	GA
az network application-gateway ssl-policy set	Update an SSL policy settings.	Core	GA
az network application-gateway ssl-policy show	Get the details of an SSL policy settings.	Core	GA
az network application-gateway ssl-policy wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway ssl-profile	Manage SSL profiles of application gateway.	Core	GA
az network application-gateway ssl-profile add	Add an SSL profile of the application gateway.	Core	GA
az network application-gateway ssl-profile list	List the existing SSL profiles of the application gateway.	Core	GA
az network application-gateway ssl-profile remove	Remove an existing SSL profile of the application gateway.	Core	GA
az network application-gateway ssl-profile show	Show an existing SSL profile of the application gateway.	Core	GA
az network application-gateway ssl-profile update	Update SSL profile of the application gateway.	Core	GA
az network application-gateway ssl-profile wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway start	Start an application gateway.	Core	GA
az network application-gateway stop	Stop an application gateway.	Core	GA
az network application-gateway update	Update an application gateway.	Core	GA
az network application-gateway url-path-map	Manage URL path maps of an application gateway.	Core	GA
az network application-gateway url-path-map create	Create a URL path map.	Core	GA
az network application-gateway url-path-map delete	Delete a URL path map.	Core	GA
az network application-gateway url-path-map list	List URL path maps.	Core	GA
az network application-gateway url-path-map rule	Manage the rules of a URL path map.	Core	GA
az network application-gateway url-path-map rule create	Create a rule for a URL path map.	Core	GA
az network application-gateway url-path-map rule delete	Delete a rule for a URL path map.	Core	GA
az network application-gateway url-path-map rule wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway url-path-map show	Get the details of a URL path map.	Core	GA
az network application-gateway url-path-map update	Update a URL path map.	Core	GA
az network application-gateway url-path-map wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway waf-config	Configure the settings of a web application firewall.	Core	GA
az network application-gateway waf-config list-dynamic-rule-sets	List the regional application gateway waf manifest.	Core	GA
az network application-gateway waf-config list-rule-sets	Get information on available WAF rule sets, rule groups, and rule IDs.	Core	GA
az network application-gateway waf-config set	Update the firewall configuration of a web application.	Core	GA
az network application-gateway waf-config show	Get the firewall configuration of a web application.	Core	GA
az network application-gateway waf-policy	Manage application gateway web application firewall (WAF) policies.	Core	GA
az network application-gateway waf-policy create	Create an application gateway WAF policy.	Core	GA
az network application-gateway waf-policy custom-rule	Manage application gateway web application firewall (WAF) policy custom rules.	Core	GA
az network application-gateway waf-policy custom-rule create	Create an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule delete	Delete an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule list	List application gateway WAF policy custom rules.	Core	GA
az network application-gateway waf-policy custom-rule match-condition	Manage match conditions in an application gateway web application firewall (WAF) policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule match-condition add	Add a match condition to an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule match-condition list	List application gateway WAF policy custom rule match conditions.	Core	GA
az network application-gateway waf-policy custom-rule match-condition remove	Remove a match condition from an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule show	Get the details of an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy custom-rule update	Update an application gateway WAF policy custom rule.	Core	GA
az network application-gateway waf-policy delete	Delete an application gateway WAF policy.	Core	GA
az network application-gateway waf-policy list	List application gateway WAF policies.	Core	GA
az network application-gateway waf-policy managed-rule	Manage managed rules of a WAF policy.	Core	GA
az network application-gateway waf-policy managed-rule exclusion	Manage OWASP CRS exclusions that are applied on a WAF policy managed rules.	Core	GA
az network application-gateway waf-policy managed-rule exclusion add	Add an OWASP CRS exclusion rule to the WAF policy managed rules.	Core	GA
az network application-gateway waf-policy managed-rule exclusion list	List all OWASP CRS exclusion rules that are applied on a WAF policy managed rules.	Core	GA
az network application-gateway waf-policy managed-rule exclusion remove	Remove all OWASP CRS exclusion rules that are applied on a WAF policy managed rules.	Core	GA
az network application-gateway waf-policy managed-rule exclusion rule-set	Define a managed rule set for exclusions.	Core	GA
az network application-gateway waf-policy managed-rule exclusion rule-set add	Add a managed rule set to an exclusion.	Core	GA
az network application-gateway waf-policy managed-rule exclusion rule-set list	List all managed rule sets of an exclusion.	Core	GA
az network application-gateway waf-policy managed-rule exclusion rule-set remove	Remove managed rule set within an exclusion.	Core	GA
az network application-gateway waf-policy managed-rule rule-set	Manage managed rule set of managed rules of a WAF policy.	Core	GA
az network application-gateway waf-policy managed-rule rule-set add	Add managed rule set to the WAF policy managed rules. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules.	Core	GA
az network application-gateway waf-policy managed-rule rule-set list	List all managed rule set.	Core	GA
az network application-gateway waf-policy managed-rule rule-set remove	Remove a managed rule set by rule set group name if rule_group_name is specified. Otherwise, remove all rule set.	Core	GA
az network application-gateway waf-policy managed-rule rule-set update	Manage rules of a WAF policy. If --group-name and --rules are provided, override existing rules. If --group-name is provided, clear all rules under a certain rule group. If neither of them are provided, update rule set and clear all rules under itself. For rule set and rules, please visit: https://docs.microsoft.com/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules.	Core	GA
az network application-gateway waf-policy policy-setting	Define contents of a web application firewall global configuration.	Core	GA
az network application-gateway waf-policy policy-setting list	List properties of a web application firewall global configuration.	Core	GA
az network application-gateway waf-policy policy-setting update	Update properties of a web application firewall global configuration.	Core	GA
az network application-gateway waf-policy show	Get the details of an application gateway WAF policy.	Core	GA
az network application-gateway waf-policy update	Update an application gateway WAF policy.	Core	GA
az network application-gateway waf-policy wait	Place the CLI in a waiting state until a condition is met.	Core	GA
az network application-gateway wait	Place the CLI in a waiting state until a condition is met.	Core	GA

az network application-gateway create

Create an application gateway.

az network application-gateway create --name
                                      --resource-group
                                      [--capacity]
                                      [--cert-file]
                                      [--cert-password]
                                      [--connection-draining-timeout]
                                      [--custom-error-pages]
                                      [--enable-private-link]
                                      [--frontend-port]
                                      [--http-settings-cookie-based-affinity {Disabled, Enabled}]
                                      [--http-settings-port]
                                      [--http-settings-protocol {Http, Https, Tcp, Tls}]
                                      [--http2 {Disabled, Enabled}]
                                      [--identity]
                                      [--key-vault-secret-id]
                                      [--location]
                                      [--max-capacity]
                                      [--min-capacity]
                                      [--no-wait]
                                      [--priority]
                                      [--private-ip-address]
                                      [--private-link-ip-address]
                                      [--private-link-primary {false, true}]
                                      [--private-link-subnet]
                                      [--private-link-subnet-prefix]
                                      [--public-ip-address]
                                      [--public-ip-address-allocation]
                                      [--routing-rule-type {Basic, PathBasedRouting}]
                                      [--servers]
                                      [--sku {Standard_Medium, Standard_Small, Standard_v2, WAF_Large, WAF_Medium, WAF_v2}]
                                      [--ssl-certificate-name]
                                      [--ssl-profile]
                                      [--ssl-profile-id]
                                      [--subnet]
                                      [--subnet-address-prefix]
                                      [--tags]
                                      [--trusted-client-cert]
                                      [--validate]
                                      [--vnet-address-prefix]
                                      [--vnet-name]
                                      [--waf-policy]
                                      [--zones]

Examples

Create an application gateway.

az network application-gateway create --capacity 2 --frontend-port MyFrontendPort --http-settings-cookie-based-affinity Enabled --http-settings-port 80 --http-settings-protocol Http --location westus2 --name MyAppGateway --public-ip-address MyAppGatewayPublicIp --resource-group MyResourceGroup --sku Standard_Small --subnet MySubnet --vnet-name MyVNet

Create an application gateway with VMs as backend servers.

az network application-gateway create -g MyResourceGroup -n MyAppGateway --capacity 2 --sku Standard_Medium --vnet-name MyVNet --subnet MySubnet --http-settings-cookie-based-affinity Enabled --public-ip-address MyAppGatewayPublicIp --servers 10.0.0.4 10.0.0.5

Create an application gateway with SSL profile.

az network application-gateway create -n MyAppGateway -g MyResourceGroup --public-ip-address MyPublicIP --sku Standard_v2 --priority 1001 --ssl-profile name=MyProfile min-protocol-version=TLSv1_0 cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 policy-type=Custom client-auth-configuration=True

Required Parameters

--name -n

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Optional Parameters

--capacity

The number of instances to use with the application gateway.

default value: 2

--cert-file

The path to the PFX certificate file.

--cert-password

The certificate password.

--connection-draining-timeout

The time in seconds after a backend server is removed during which on open connection remains active. Range: 0 (disabled) to 3600.

default value: 0

--custom-error-pages

Space-separated list of custom error pages in STATUS_CODE=URL format.

--enable-private-link

Enable Private Link feature for this application gateway. If both public IP and private IP are enbaled, taking effect only in public frontend IP.

default value: False

--frontend-port

The front end port number.

--http-settings-cookie-based-affinity

Enable or disable HTTP settings cookie-based affinity.

accepted values: Disabled, Enabled

default value: disabled

--http-settings-port

The HTTP settings port.

default value: 80

--http-settings-protocol

The HTTP settings protocol.

accepted values: Http, Https, Tcp, Tls

default value: Http

--http2

Use HTTP2 for the application gateway.

accepted values: Disabled, Enabled

--identity

Name or ID of the ManagedIdentity Resource.

--key-vault-secret-id

Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in Azure KeyVault. You need enable soft delete for keyvault to use this feature.

--location -l

Location. Values from: az account list-locations. You can configure the default location using az configure --defaults location=<location>.

--max-capacity

Upper bound on the number of application gateway instances.

--min-capacity

Lower bound on the number of application gateway instances.

--no-wait

Do not wait for the long-running operation to finish.

default value: False

--priority

Priority of the request routing rule. Supported SKU tiers are Standard_v2, WAF_v2.

--private-ip-address

Static private IP address to use.

--private-link-ip-address

The static private IP address of a subnet for Private Link. If omitting, a dynamic one will be created.

--private-link-primary

Whether the IP configuration is primary or not.

accepted values: false, true

--private-link-subnet

The name of the subnet within the same vnet of an application gateway.

default value: PrivateLinkDefaultSubnet

--private-link-subnet-prefix

The CIDR prefix to use when creating a new subnet.

default value: 10.0.1.0/24

--public-ip-address

Name or ID of a public IP address. Uses existing resource or creates new if specified, or none if omitted.

--public-ip-address-allocation

The kind of IP allocation to use when creating a new public IP.

default value: Dynamic

--routing-rule-type

The request routing rule type.

accepted values: Basic, PathBasedRouting

default value: Basic

--servers

Space-separated list of IP addresses or DNS names corresponding to backend servers.

--sku

The name of the SKU.

accepted values: Standard_Medium, Standard_Small, Standard_v2, WAF_Large, WAF_Medium, WAF_v2

default value: Standard_Medium

--ssl-certificate-name

The certificate name. Default will be <application-gateway-name>SslCert.

--ssl-profile

Preview

The application gateway ssl profiles.

Usage: --ssl-profile name=MySslProfile client-auth-configuration=True cipher-suites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 policy-type=Custom min-protocol-version=TLSv1_0

name: Required. Name of the SSL profile that is unique within an Application Gateway. polic-name: Name of Ssl Policy. policy-type: Type of Ssl Policy. min-protocol-version: Minimum version of Ssl protocol to be supported on application gateway. cipher-suites: Ssl cipher suites to be enabled in the specified order to application gateway. disabled-ssl-protocols: Space-separated list of protocols to disable. trusted-client-certificates: Array of references to application gateway trusted client certificates. client-auth-configuration: Client authentication configuration of the application gateway resource.

Multiple ssl profiles can be specified by using more than one --ssl-profile argument.

--ssl-profile-id

Preview

SSL profile resource of the application gateway.

--subnet

Name or ID of the subnet. Will create resource if it does not exist. If name specified, also specify --vnet-name. If you want to use an existing subnet in other resource group or subscription, please provide the ID instead of the name of the subnet.

default value: default

--subnet-address-prefix

The CIDR prefix to use when creating a new subnet.

default value: 10.0.0.0/24

--tags

Space-separated tags: key[=value] [key[=value] ...]. Use "" to clear existing tags.

--trusted-client-cert

Preview

The application gateway trusted client certificate.

Usage: --trusted-client-certificates name=client1 data=client.cer

name: Required. Name of the trusted client certificate that is unique within an Application Gateway data: Required. Certificate public data.

Multiple trusted client certificates can be specified by using more than one --trusted-client-certificates argument.

--validate

Generate and validate the ARM template without creating any resources.

default value: False

--vnet-address-prefix

The CIDR prefix to use when creating a new VNet.

default value: 10.0.0.0/16

--vnet-name

The virtual network (VNet) name.

--waf-policy

Name or ID of a web application firewall (WAF) policy.

--zones -z

Space-separated list of availability zones into which to provision the resource.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway delete

Delete an application gateway.

az network application-gateway delete [--ids]
                                      [--name]
                                      [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                      [--resource-group]
                                      [--subscription]

Examples

Delete an application gateway.

az network application-gateway delete -g MyResourceGroup -n MyAppGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the application gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway list

List application gateways.

az network application-gateway list [--max-items]
                                    [--next-token]
                                    [--resource-group]

Examples

List application gateways.

az network application-gateway list -g MyResourceGroup

Optional Parameters

--max-items

Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.

--next-token

Token to specify where to start paginating. This is the token value from a previously truncated response.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway show

Get the details of an application gateway.

az network application-gateway show [--ids]
                                    [--name]
                                    [--resource-group]
                                    [--subscription]

Examples

Get the details of an application gateway.

az network application-gateway show -g MyResourceGroup -n MyAppGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway show-backend-health

Get information on the backend health of an application gateway.

az network application-gateway show-backend-health [--address-pool]
                                                   [--expand]
                                                   [--host]
                                                   [--host-name-from-http-settings {false, true}]
                                                   [--http-settings]
                                                   [--ids]
                                                   [--match-body]
                                                   [--match-status-codes]
                                                   [--name]
                                                   [--path]
                                                   [--protocol {Http, Https, Tcp, Tls}]
                                                   [--resource-group]
                                                   [--subscription]
                                                   [--timeout]

Examples

Show backend health of an application gateway.

az network application-gateway show-backend-health -g MyResourceGroup -n MyAppGateway

Show backend health of an application gateway for given combination of backend pool and http setting.

az network application-gateway show-backend-health -g MyResourceGroup -n MyAppGateway --host-name-from-http-settings --path /test --timeout 100 --http-settings appGatewayBackendHttpSettings --address-pool appGatewayBackendPool

Optional Parameters

--address-pool

Preview

The name or ID of the backend address pool.

--expand

Expands BackendAddressPool and BackendHttpSettings referenced in backend health.

--host

Preview

The name of the host to send the probe.

--host-name-from-http-settings

Preview

Use host header from HTTP settings.

accepted values: false, true

--http-settings

Preview

The name or ID of the HTTP settings.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--match-body

Preview

Body that must be contained in the health response.

--match-status-codes

Preview

Space-separated list of allowed ranges of healthy status codes for the health response.

--name -n

Name of the application gateway.

--path

Preview

The relative path of the probe. Valid paths start from "/".

--protocol

Preview

The HTTP settings protocol.

accepted values: Http, Https, Tcp, Tls

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Preview

The probe timeout in seconds.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway start

Start an application gateway.

az network application-gateway start [--ids]
                                     [--name]
                                     [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                     [--resource-group]
                                     [--subscription]

Examples

Start an application gateway.

az network application-gateway start -g MyResourceGroup -n MyAppGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the application gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway stop

Stop an application gateway.

az network application-gateway stop [--ids]
                                    [--name]
                                    [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                    [--resource-group]
                                    [--subscription]

Examples

Stop an application gateway.

az network application-gateway stop -g MyResourceGroup -n MyAppGateway

Optional Parameters

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--name -n

Name of the application gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway update

Update an application gateway.

az network application-gateway update [--add]
                                      [--capacity]
                                      [--custom-error-pages]
                                      [--force-string {0, 1, f, false, n, no, t, true, y, yes}]
                                      [--http2 {Disabled, Enabled}]
                                      [--identity]
                                      [--ids]
                                      [--max-capacity]
                                      [--min-capacity]
                                      [--name]
                                      [--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
                                      [--remove]
                                      [--resource-group]
                                      [--set]
                                      [--sku {Standard_Large, Standard_Medium, Standard_Small, Standard_v2, WAF_Large, WAF_Medium, WAF_v2}]
                                      [--ssl-profiles]
                                      [--subscription]
                                      [--tags]

Examples

Update an application gateway.

az network application-gateway update --name MyApplicationGateway --resource-group MyResourceGroup --set sku.tier=WAF_v2

Enable client cert revocation via OCSP.

az network application-gateway update -n MyApplicationGateway --ssl-profiles [0].client-auth-configuration.verify-client-revocation=OCSP

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.

--capacity

Number of instances to use with the application gateway.

--custom-error-pages

Space-separated list of custom error pages in STATUS_CODE=URL format. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--force-string

When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--http2

Use HTTP2 for the application gateway.

accepted values: Disabled, Enabled

--identity

The identity of the application gateway, if configured. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--max-capacity

Upper bound on the number of application gateway instances.

--min-capacity

Lower bound on the number of application gateway instances.

--name -n

Name of the application gateway.

--no-wait

Do not wait for the long-running operation to finish.

accepted values: 0, 1, f, false, n, no, t, true, y, yes

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

--sku

Name of an application gateway SKU.

accepted values: Standard_Large, Standard_Medium, Standard_Small, Standard_v2, WAF_Large, WAF_Medium, WAF_v2

--ssl-profiles

SSL profiles of the application gateway resource. For default limits, see Application Gateway limits. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--tags

Space-separated tags: key[=value] [key[=value] ...]. Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.

az network application-gateway wait

Place the CLI in a waiting state until a condition is met.

az network application-gateway wait [--created]
                                    [--custom]
                                    [--deleted]
                                    [--exists]
                                    [--ids]
                                    [--interval]
                                    [--name]
                                    [--resource-group]
                                    [--subscription]
                                    [--timeout]
                                    [--updated]

Optional Parameters

--created

Wait until created with 'provisioningState' at 'Succeeded'.

default value: False

--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait until deleted.

default value: False

--exists

Wait until the resource exists.

default value: False

--ids

One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.

--interval

Polling interval in seconds.

default value: 30

--name -n

Name of the application gateway.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=<name>.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--timeout

Maximum wait in seconds.

default value: 3600

--updated

Wait until updated with provisioningState at 'Succeeded'.

default value: False

Global Parameters

--debug

Increase logging verbosity to show all debug logs.

--help -h

Show this help message and exit.

--only-show-errors

Only show errors, suppressing warnings.

--output -o

Output format.

accepted values: json, jsonc, none, table, tsv, yaml, yamlc

default value: json

--query

JMESPath query string. See http://jmespath.org/ for more information and examples.

--subscription

Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.

--verbose

Increase logging verbosity. Use --debug for full debug logs.