Create an Azure WAF v2 on Azure Application Gateway

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Bicep Version

Deploy To Azure Visualize

This template deploys an Web Application Firewall v2 on Azure Application Gateway. The WAF has a policy with a simple custom rule that blocks traffic to the two virtual machine backend pool. The custom rule can then be modified to allow traffic to the backend pool.

The backend virtual machines are Standard_B2ms virtual machines running Windows Server 2019 with IIS installed to test the application gateway functionality.

Deployment steps

You can select Deploy to Azure at the top of this document or follow the instructions for command line deployment using the scripts in the root of this repo.


This template is used by the Web Application Firewall documentation quickstart article.

Tags: Web Application Firewall, Microsoft.Network/networkSecurityGroups, Microsoft.Network/publicIPAddresses, Microsoft.Network/virtualNetworks, Microsoft.Compute/virtualMachines, Microsoft.Compute/virtualMachines/extensions, CustomScriptExtension, Microsoft.Network/applicationGateways, Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies, Microsoft.Network/networkInterfaces