import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Manages an Application Gateway. * * > **Note:** The `backendAddressPool`, `backendHttpSettings`, `httpListener`, `privateLinkConfiguration`, `requestRoutingRule`, `redirectConfiguration`, `probe`, `sslCertificate`, * and `frontendPort` properties are Sets as the service API returns these lists of objects in a different order from how the provider sends them. As Sets are stored using a hash, if one * value is added or removed from the Set, Terraform considers the entire list of objects changed and the plan shows that it is removing every value in the list and re-adding it with the * new information. Though Terraform is showing all the values being removed and re-added, we are not actually removing anything unless the user specifies a removal in the configfile. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as azure from "@pulumi/azure"; * * const example = new azure.core.ResourceGroup("example", { * name: "example-resources", * location: "West Europe", * }); * const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", { * name: "example-network", * resourceGroupName: example.name, * location: example.location, * addressSpaces: ["10.254.0.0/16"], * }); * const exampleSubnet = new azure.network.Subnet("example", { * name: "example", * resourceGroupName: example.name, * virtualNetworkName: exampleVirtualNetwork.name, * addressPrefixes: ["10.254.0.0/24"], * }); * const examplePublicIp = new azure.network.PublicIp("example", { * name: "example-pip", * resourceGroupName: example.name, * location: example.location, * allocationMethod: "Static", * }); * const backendAddressPoolName = pulumi.interpolate`${exampleVirtualNetwork.name}-beap`; * const frontendPortName = pulumi.interpolate`${exampleVirtualNetwork.name}-feport`; * const frontendIpConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-feip`; * const httpSettingName = pulumi.interpolate`${exampleVirtualNetwork.name}-be-htst`; * const listenerName = pulumi.interpolate`${exampleVirtualNetwork.name}-httplstn`; * const requestRoutingRuleName = pulumi.interpolate`${exampleVirtualNetwork.name}-rqrt`; * const redirectConfigurationName = pulumi.interpolate`${exampleVirtualNetwork.name}-rdrcfg`; * const network = new azure.network.ApplicationGateway("network", { * name: "example-appgateway", * resourceGroupName: example.name, * location: example.location, * sku: { * name: "Standard_v2", * tier: "Standard_v2", * capacity: 2, * }, * gatewayIpConfigurations: [{ * name: "my-gateway-ip-configuration", * subnetId: exampleSubnet.id, * }], * frontendPorts: [{ * name: frontendPortName, * port: 80, * }], * frontendIpConfigurations: [{ * name: frontendIpConfigurationName, * publicIpAddressId: examplePublicIp.id, * }], * backendAddressPools: [{ * name: backendAddressPoolName, * }], * backendHttpSettings: [{ * name: httpSettingName, * cookieBasedAffinity: "Disabled", * path: "/path1/", * port: 80, * protocol: "Http", * requestTimeout: 60, * }], * httpListeners: [{ * name: listenerName, * frontendIpConfigurationName: frontendIpConfigurationName, * frontendPortName: frontendPortName, * protocol: "Http", * }], * requestRoutingRules: [{ * name: requestRoutingRuleName, * priority: 9, * ruleType: "Basic", * httpListenerName: listenerName, * backendAddressPoolName: backendAddressPoolName, * backendHttpSettingsName: httpSettingName, * }], * }); * ``` * * ## API Providers * * * This resource uses the following Azure API Providers: * * * `Microsoft.Network` - 2025-01-01 * * ## Import * * An Application Gateway can be imported using the `resource id`, e.g. * * ```sh * $ pulumi import azure:network/applicationGateway:ApplicationGateway example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 * ``` */ export declare class ApplicationGateway extends pulumi.CustomResource { /** * Get an existing ApplicationGateway resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: ApplicationGatewayState, opts?: pulumi.CustomResourceOptions): ApplicationGateway; /** * Returns true if the given object is an instance of ApplicationGateway. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is ApplicationGateway; /** * One or more `authenticationCertificate` blocks as defined below. */ readonly authenticationCertificates: pulumi.Output; /** * An `autoscaleConfiguration` block as defined below. */ readonly autoscaleConfiguration: pulumi.Output; /** * One or more `backendAddressPool` blocks as defined below. */ readonly backendAddressPools: pulumi.Output; /** * One or more `backendHttpSettings` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ readonly backendHttpSettings: pulumi.Output; /** * One or more `backend` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ readonly backends: pulumi.Output; /** * One or more `customErrorConfiguration` blocks as defined below. */ readonly customErrorConfigurations: pulumi.Output; /** * @deprecated the `enableHttp2` property has been deprecated in favour of the `http2Enabled` property and will be removed in v5.0 of the AzureRM Provider */ readonly enableHttp2: pulumi.Output; /** * Is FIPS enabled on the Application Gateway? */ readonly fipsEnabled: pulumi.Output; /** * The ID of the Web Application Firewall Policy. */ readonly firewallPolicyId: pulumi.Output; /** * Is the Firewall Policy associated with the Application Gateway? */ readonly forceFirewallPolicyAssociation: pulumi.Output; /** * One or more `frontendIpConfiguration` blocks as defined below. */ readonly frontendIpConfigurations: pulumi.Output; /** * One or more `frontendPort` blocks as defined below. */ readonly frontendPorts: pulumi.Output; /** * One or more `gatewayIpConfiguration` blocks as defined below. */ readonly gatewayIpConfigurations: pulumi.Output; /** * A `global` block as defined below. */ readonly global: pulumi.Output; /** * Is HTTP2 enabled on the application gateway resource? Defaults to `false`. */ readonly http2Enabled: pulumi.Output; /** * One or more `httpListener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ readonly httpListeners: pulumi.Output; /** * An `identity` block as defined below. */ readonly identity: pulumi.Output; /** * One or more `listener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ readonly listeners: pulumi.Output; /** * The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. */ readonly location: pulumi.Output; /** * The name of the Application Gateway. Changing this forces a new resource to be created. */ readonly name: pulumi.Output; /** * A list of `privateEndpointConnection` blocks as defined below. */ readonly privateEndpointConnections: pulumi.Output; /** * One or more `privateLinkConfiguration` blocks as defined below. */ readonly privateLinkConfigurations: pulumi.Output; /** * One or more `probe` blocks as defined below. */ readonly probes: pulumi.Output; /** * One or more `redirectConfiguration` blocks as defined below. */ readonly redirectConfigurations: pulumi.Output; /** * One or more `requestRoutingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ readonly requestRoutingRules: pulumi.Output; /** * The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. */ readonly resourceGroupName: pulumi.Output; /** * One or more `rewriteRuleSet` blocks as defined below. Only valid for v2 WAF and Standard SKUs. */ readonly rewriteRuleSets: pulumi.Output; /** * One or more `routingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ readonly routingRules: pulumi.Output; /** * A `sku` block as defined below. */ readonly sku: pulumi.Output; /** * One or more `sslCertificate` blocks as defined below. */ readonly sslCertificates: pulumi.Output; /** * a `sslPolicy` block as defined below. */ readonly sslPolicy: pulumi.Output; /** * One or more `sslProfile` blocks as defined below. */ readonly sslProfiles: pulumi.Output; /** * A mapping of tags to assign to the resource. */ readonly tags: pulumi.Output<{ [key: string]: string; } | undefined>; /** * One or more `trustedClientCertificate` blocks as defined below. */ readonly trustedClientCertificates: pulumi.Output; /** * One or more `trustedRootCertificate` blocks as defined below. */ readonly trustedRootCertificates: pulumi.Output; /** * One or more `urlPathMap` blocks as defined below. */ readonly urlPathMaps: pulumi.Output; /** * A `wafConfiguration` block as defined below. */ readonly wafConfiguration: pulumi.Output; /** * Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. * * > **Note:** Availability Zones are not supported in all regions at this time, please check the [official documentation](https://docs.microsoft.com/azure/availability-zones/az-overview) for more information. They are also only supported for [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) */ readonly zones: pulumi.Output; /** * Create a ApplicationGateway resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: ApplicationGatewayArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering ApplicationGateway resources. */ export interface ApplicationGatewayState { /** * One or more `authenticationCertificate` blocks as defined below. */ authenticationCertificates?: pulumi.Input[]>; /** * An `autoscaleConfiguration` block as defined below. */ autoscaleConfiguration?: pulumi.Input; /** * One or more `backendAddressPool` blocks as defined below. */ backendAddressPools?: pulumi.Input[]>; /** * One or more `backendHttpSettings` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ backendHttpSettings?: pulumi.Input[]>; /** * One or more `backend` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ backends?: pulumi.Input[]>; /** * One or more `customErrorConfiguration` blocks as defined below. */ customErrorConfigurations?: pulumi.Input[]>; /** * @deprecated the `enableHttp2` property has been deprecated in favour of the `http2Enabled` property and will be removed in v5.0 of the AzureRM Provider */ enableHttp2?: pulumi.Input; /** * Is FIPS enabled on the Application Gateway? */ fipsEnabled?: pulumi.Input; /** * The ID of the Web Application Firewall Policy. */ firewallPolicyId?: pulumi.Input; /** * Is the Firewall Policy associated with the Application Gateway? */ forceFirewallPolicyAssociation?: pulumi.Input; /** * One or more `frontendIpConfiguration` blocks as defined below. */ frontendIpConfigurations?: pulumi.Input[]>; /** * One or more `frontendPort` blocks as defined below. */ frontendPorts?: pulumi.Input[]>; /** * One or more `gatewayIpConfiguration` blocks as defined below. */ gatewayIpConfigurations?: pulumi.Input[]>; /** * A `global` block as defined below. */ global?: pulumi.Input; /** * Is HTTP2 enabled on the application gateway resource? Defaults to `false`. */ http2Enabled?: pulumi.Input; /** * One or more `httpListener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ httpListeners?: pulumi.Input[]>; /** * An `identity` block as defined below. */ identity?: pulumi.Input; /** * One or more `listener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ listeners?: pulumi.Input[]>; /** * The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. */ location?: pulumi.Input; /** * The name of the Application Gateway. Changing this forces a new resource to be created. */ name?: pulumi.Input; /** * A list of `privateEndpointConnection` blocks as defined below. */ privateEndpointConnections?: pulumi.Input[]>; /** * One or more `privateLinkConfiguration` blocks as defined below. */ privateLinkConfigurations?: pulumi.Input[]>; /** * One or more `probe` blocks as defined below. */ probes?: pulumi.Input[]>; /** * One or more `redirectConfiguration` blocks as defined below. */ redirectConfigurations?: pulumi.Input[]>; /** * One or more `requestRoutingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ requestRoutingRules?: pulumi.Input[]>; /** * The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. */ resourceGroupName?: pulumi.Input; /** * One or more `rewriteRuleSet` blocks as defined below. Only valid for v2 WAF and Standard SKUs. */ rewriteRuleSets?: pulumi.Input[]>; /** * One or more `routingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ routingRules?: pulumi.Input[]>; /** * A `sku` block as defined below. */ sku?: pulumi.Input; /** * One or more `sslCertificate` blocks as defined below. */ sslCertificates?: pulumi.Input[]>; /** * a `sslPolicy` block as defined below. */ sslPolicy?: pulumi.Input; /** * One or more `sslProfile` blocks as defined below. */ sslProfiles?: pulumi.Input[]>; /** * A mapping of tags to assign to the resource. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * One or more `trustedClientCertificate` blocks as defined below. */ trustedClientCertificates?: pulumi.Input[]>; /** * One or more `trustedRootCertificate` blocks as defined below. */ trustedRootCertificates?: pulumi.Input[]>; /** * One or more `urlPathMap` blocks as defined below. */ urlPathMaps?: pulumi.Input[]>; /** * A `wafConfiguration` block as defined below. */ wafConfiguration?: pulumi.Input; /** * Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. * * > **Note:** Availability Zones are not supported in all regions at this time, please check the [official documentation](https://docs.microsoft.com/azure/availability-zones/az-overview) for more information. They are also only supported for [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) */ zones?: pulumi.Input[]>; } /** * The set of arguments for constructing a ApplicationGateway resource. */ export interface ApplicationGatewayArgs { /** * One or more `authenticationCertificate` blocks as defined below. */ authenticationCertificates?: pulumi.Input[]>; /** * An `autoscaleConfiguration` block as defined below. */ autoscaleConfiguration?: pulumi.Input; /** * One or more `backendAddressPool` blocks as defined below. */ backendAddressPools: pulumi.Input[]>; /** * One or more `backendHttpSettings` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ backendHttpSettings?: pulumi.Input[]>; /** * One or more `backend` blocks as defined below. * * > **Note:** At least one of `backendHttpSettings` or `backend` must be specified. */ backends?: pulumi.Input[]>; /** * One or more `customErrorConfiguration` blocks as defined below. */ customErrorConfigurations?: pulumi.Input[]>; /** * @deprecated the `enableHttp2` property has been deprecated in favour of the `http2Enabled` property and will be removed in v5.0 of the AzureRM Provider */ enableHttp2?: pulumi.Input; /** * Is FIPS enabled on the Application Gateway? */ fipsEnabled?: pulumi.Input; /** * The ID of the Web Application Firewall Policy. */ firewallPolicyId?: pulumi.Input; /** * Is the Firewall Policy associated with the Application Gateway? */ forceFirewallPolicyAssociation?: pulumi.Input; /** * One or more `frontendIpConfiguration` blocks as defined below. */ frontendIpConfigurations: pulumi.Input[]>; /** * One or more `frontendPort` blocks as defined below. */ frontendPorts: pulumi.Input[]>; /** * One or more `gatewayIpConfiguration` blocks as defined below. */ gatewayIpConfigurations: pulumi.Input[]>; /** * A `global` block as defined below. */ global?: pulumi.Input; /** * Is HTTP2 enabled on the application gateway resource? Defaults to `false`. */ http2Enabled?: pulumi.Input; /** * One or more `httpListener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ httpListeners?: pulumi.Input[]>; /** * An `identity` block as defined below. */ identity?: pulumi.Input; /** * One or more `listener` blocks as defined below. * * > **Note:** At least one of `httpListener` or `listener` must be specified. */ listeners?: pulumi.Input[]>; /** * The Azure region where the Application Gateway should exist. Changing this forces a new resource to be created. */ location?: pulumi.Input; /** * The name of the Application Gateway. Changing this forces a new resource to be created. */ name?: pulumi.Input; /** * One or more `privateLinkConfiguration` blocks as defined below. */ privateLinkConfigurations?: pulumi.Input[]>; /** * One or more `probe` blocks as defined below. */ probes?: pulumi.Input[]>; /** * One or more `redirectConfiguration` blocks as defined below. */ redirectConfigurations?: pulumi.Input[]>; /** * One or more `requestRoutingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ requestRoutingRules?: pulumi.Input[]>; /** * The name of the resource group in which to the Application Gateway should exist. Changing this forces a new resource to be created. */ resourceGroupName: pulumi.Input; /** * One or more `rewriteRuleSet` blocks as defined below. Only valid for v2 WAF and Standard SKUs. */ rewriteRuleSets?: pulumi.Input[]>; /** * One or more `routingRule` blocks as defined below. * * > **Note:** At least one of `requestRoutingRule` or `routingRule` must be specified. */ routingRules?: pulumi.Input[]>; /** * A `sku` block as defined below. */ sku: pulumi.Input; /** * One or more `sslCertificate` blocks as defined below. */ sslCertificates?: pulumi.Input[]>; /** * a `sslPolicy` block as defined below. */ sslPolicy?: pulumi.Input; /** * One or more `sslProfile` blocks as defined below. */ sslProfiles?: pulumi.Input[]>; /** * A mapping of tags to assign to the resource. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * One or more `trustedClientCertificate` blocks as defined below. */ trustedClientCertificates?: pulumi.Input[]>; /** * One or more `trustedRootCertificate` blocks as defined below. */ trustedRootCertificates?: pulumi.Input[]>; /** * One or more `urlPathMap` blocks as defined below. */ urlPathMaps?: pulumi.Input[]>; /** * A `wafConfiguration` block as defined below. */ wafConfiguration?: pulumi.Input; /** * Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. * * > **Note:** Availability Zones are not supported in all regions at this time, please check the [official documentation](https://docs.microsoft.com/azure/availability-zones/az-overview) for more information. They are also only supported for [v2 SKUs](https://docs.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) */ zones?: pulumi.Input[]>; }