New-AzureRmApplicationGateway

Creates an application gateway.

Warning

The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.

Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.

Syntax

New-AzureRmApplicationGateway
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   -Sku <PSApplicationGatewaySku>
   [-SslPolicy <PSApplicationGatewaySslPolicy>]
   -GatewayIPConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayIPConfiguration]>
   [-SslCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewaySslCertificate]>]
   [-AuthenticationCertificates <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayAuthenticationCertificate]>]
   [-TrustedRootCertificate <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayTrustedRootCertificate]>]
   [-FrontendIPConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFrontendIPConfiguration]>]
   -FrontendPorts <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFrontendPort]>
   [-Probes <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayProbe]>]
   -BackendAddressPools <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayBackendAddressPool]>
   -BackendHttpSettingsCollection <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayBackendHttpSettings]>
   -HttpListeners <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayHttpListener]>
   [-UrlPathMaps <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayUrlPathMap]>]
   -RequestRoutingRules <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayRequestRoutingRule]>
   [-RedirectConfigurations <System.Collections.Generic.List`1[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayRedirectConfiguration]>]
   [-WebApplicationFirewallConfiguration <PSApplicationGatewayWebApplicationFirewallConfiguration>]
   [-AutoscaleConfiguration <PSApplicationGatewayAutoscaleConfiguration>]
   [-EnableHttp2]
   [-EnableFIPS]
   [-Zone <System.Collections.Generic.List`1[System.String]>]
   [-Tag <Hashtable>]
   [-Force]
   [-AsJob]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzureRmApplicationGateway cmdlet creates an Azure application gateway. An application gateway requires the following:

  • A resource group.
  • A virtual network.
  • A back-end server pool, containing the IP addresses of the back-end servers.
  • Back-end server pool settings. Each pool has settings such as port, protocol and cookie-based affinity, that are applied to all servers within the pool.
  • Front-end IP addresses, which are the IP addresses opened on the application gateway. A front-end IP address can be a public IP address or an internal IP address.
  • Front-end ports, which are the public ports opened on the application gateway. Traffic that hits these ports is redirected to the back-end servers.
  • A request routing rule that binds the listener and the back-end server pool. The rule defines which back-end server pool the traffic should be directed to when it hits a particular listener. A listener has a front-end port, front-end IP address, protocol (HTTP or HTTPS) and Secure Sockets Layer (SSL) certificate name (if configuring SSL offload).

Examples

Example 1: Create an application gateway

PS C:\> $ResourceGroup = New-AzureRmResourceGroup -Name "ResourceGroup01" -Location "West US" -Tag @{Name = "Department"; Value = "Marketing"} 
PS C:\> $Subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "Subnet01" -AddressPrefix 10.0.0.0/24
PS C:\> $VNet = New-AzureRmvirtualNetwork -Name "VNet01" -ResourceGroupName "ResourceGroup01" -Location "West US" -AddressPrefix 10.0.0.0/16 -Subnet $Subnet
PS C:\> $VNet = Get-AzureRmvirtualNetwork -Name "VNet01" -ResourceGroupName "ResourceGroup01"
PS C:\> $Subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $Subnet01 -VirtualNetwork $VNet 
PS C:\> $GatewayIPconfig = New-AzureRmApplicationGatewayIPConfiguration -Name "GatewayIp01" -Subnet $Subnet
PS C:\> $Pool = New-AzureRmApplicationGatewayBackendAddressPool -Name "Pool01" -BackendIPAddresses 10.10.10.1, 10.10.10.2, 10.10.10.3
PS C:\> $PoolSetting = New-AzureRmApplicationGatewayBackendHttpSettings -Name "PoolSetting01"  -Port 80 -Protocol "Http" -CookieBasedAffinity "Disabled"
PS C:\> $FrontEndPort = New-AzureRmApplicationGatewayFrontendPort -Name "FrontEndPort01"  -Port 80
# Create a public IP address
PS C:\> $PublicIp = New-AzureRmPublicIpAddress -ResourceGroupName "ResourceGroup01" -Name "PublicIpName01" -Location "West US" -AllocationMethod "Dynamic"
PS C:\> $FrontEndIpConfig = New-AzureRmApplicationGatewayFrontendIPConfig -Name "FrontEndConfig01" -PublicIPAddress $PublicIp
PS C:\> $Listener = New-AzureRmApplicationGatewayHttpListener -Name "ListenerName01"  -Protocol "Http" -FrontendIpConfiguration $FrontEndIpConfig -FrontendPort $FrontEndPort
PS C:\> $Rule = New-AzureRmApplicationGatewayRequestRoutingRule -Name "Rule01" -RuleType basic -BackendHttpSettings $PoolSetting -HttpListener $Listener -BackendAddressPool $Pool
PS C:\> $Sku = New-AzureRmApplicationGatewaySku -Name "Standard_Small" -Tier Standard -Capacity 2
PS C:\> $Gateway = New-AzureRmApplicationGateway -Name "AppGateway01" -ResourceGroupName "ResourceGroup01" -Location "West US" -BackendAddressPools $Pool -BackendHttpSettingsCollection $PoolSetting -FrontendIpConfigurations $FrontEndIpConfig  -GatewayIpConfigurations $GatewayIpConfig -FrontendPorts $FrontEndPort -HttpListeners $Listener -RequestRoutingRules $Rule -Sku $Sku

The following example creates an application gateway by first creating a resource group and a virtual network, as well as the following:

  • A back-end server pool
  • Back-end server pool settings
  • Front-end ports
  • Front-end IP addresses
  • A request routing rule These four commands create a virtual network. The first command creates a subnet configuration. The second command creates a virtual network. The third command verifies the subnet configuration and the fourth command verifies that the virtual network is created successfully. The following commands create the application gateway. The first command creates an IP configuration named GatewayIp01 for the subnet created previously. The second command creates a back-end server pool named Pool01 with a list of back-end IP addresses and stores the pool in the $Pool variable. The third command creates the settings for the back-end server pool and stores the settings in the $PoolSetting variable. The forth command creates a front-end port on port 80, names it FrontEndPort01, and stores the port in the $FrontEndPort variable. The fifth command creates a public IP address by using New-AzureRmPublicIpAddress. The sixth command creates a front-end IP configuration using $PublicIp, names it FrontEndPortConfig01, and stores it in the $FrontEndIpConfig variable. The seventh command creates a listener using the previously created $FrontEndIpConfig $FrontEndPort. The eighth command creates a rule for the listener. The ninth command sets the SKU. The tenth command creates the gateway using the objects set by the previous commands.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AuthenticationCertificates

Specifies authentication certificates for the application gateway.

Type:List<T>[PSApplicationGatewayAuthenticationCertificate]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-AutoscaleConfiguration

Autoscale Configuration

Type:PSApplicationGatewayAutoscaleConfiguration
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-BackendAddressPools

Specifies the list of back-end address pools for the application gateway.

Type:List<T>[PSApplicationGatewayBackendAddressPool]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-BackendHttpSettingsCollection

Specifies the list of back-end HTTP settings for the application gateway.

Type:List<T>[PSApplicationGatewayBackendHttpSettings]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure.

Type:IAzureContextContainer
Aliases:AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableFIPS

Whether FIPS is enabled.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableHttp2

Whether HTTP2 is enabled.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-FrontendIPConfigurations

Specifies a list of front-end IP configurations for the application gateway.

Type:List<T>[PSApplicationGatewayFrontendIPConfiguration]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-FrontendPorts

Specifies a list of front-end ports for the application gateway.

Type:List<T>[PSApplicationGatewayFrontendPort]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-GatewayIPConfigurations

Specifies a list of IP configurations for the application gateway.

Type:List<T>[PSApplicationGatewayIPConfiguration]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-HttpListeners

Specifies a list of HTTP listeners for the application gateway.

Type:List<T>[PSApplicationGatewayHttpListener]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Location

Specifies the region in which to create the application gateway.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

Specifies the name of application gateway.

Type:String
Aliases:ResourceName
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Probes

Specifies probes for the application gateway.

Type:List<T>[PSApplicationGatewayProbe]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RedirectConfigurations

The list of redirect configuration

Type:List<T>[PSApplicationGatewayRedirectConfiguration]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-RequestRoutingRules

Specifies a list of request routing rules for the application gateway.

Type:List<T>[PSApplicationGatewayRequestRoutingRule]
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

Specifies the name of the resource group in which to create the application gateway.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Sku

Specifies the stock keeping unit (SKU) of the application gateway.

Type:PSApplicationGatewaySku
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-SslCertificates

Specifies the list of Secure Sockets Layer (SSL) certificates for the application gateway.

Type:List<T>[PSApplicationGatewaySslCertificate]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SslPolicy

Specifies an SSL policy for the application gateway.

Type:PSApplicationGatewaySslPolicy
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Tag

Key-value pairs in the form of a hash table. For example: @{key0="value0";key1=$null;key2="value2"}

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TrustedRootCertificate

The list of trusted root certificates

Type:List<T>[PSApplicationGatewayTrustedRootCertificate]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-UrlPathMaps

Specifies URL path maps for the application gateway.

Type:List<T>[PSApplicationGatewayUrlPathMap]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WebApplicationFirewallConfiguration

Specifies a web application firewall (WAF) configuration. You can use the Get-AzureRmApplicationGatewayWebApplicationFirewallConfiguration cmdlet to get a WAF.

Type:PSApplicationGatewayWebApplicationFirewallConfiguration
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Zone

A list of availability zones denoting where the application gateway needs to come from.

Type:List<T>[String]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

PSApplicationGatewaySku

PSApplicationGatewaySslPolicy

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayIPConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewaySslCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayAuthenticationCertificate, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFrontendIPConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayFrontendPort, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayProbe, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayBackendAddressPool, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayBackendHttpSettings, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayHttpListener, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayUrlPathMap, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayRequestRoutingRule, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

List<T>[[Microsoft.Azure.Commands.Network.Models.PSApplicationGatewayRedirectConfiguration, Microsoft.Azure.Commands.Network, Version=6.4.1.0, Culture=neutral, PublicKeyToken=null]]

PSApplicationGatewayWebApplicationFirewallConfiguration

Hashtable

Outputs

PSApplicationGateway