Last active
July 30, 2018 21:27
-
-
Save danielscholl/d3b0649b5cdfb6f567f9bdf5a2e1a468 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters":{ | |
| "prefix": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Small unique string." | |
| }, | |
| "minLength": 2, | |
| "maxLength": 11 | |
| }, | |
| "wafEnabled": { | |
| "type": "bool", | |
| "defaultValue": true, | |
| "metadata": { | |
| "description": "WAF Enabled" | |
| } | |
| }, | |
| "wafMode": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Detection", | |
| "Prevention" | |
| ], | |
| "defaultValue": "Detection", | |
| "metadata": { | |
| "description": "WAF Mode" | |
| } | |
| }, | |
| "wafRuleSetType": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "OWASP" | |
| ], | |
| "defaultValue": "OWASP", | |
| "metadata": { | |
| "description": "WAF Rule Set Type" | |
| } | |
| }, | |
| "wafRuleSetVersion": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "2.2.9", | |
| "3.0" | |
| ], | |
| "defaultValue": "3.0", | |
| "metadata": { | |
| "description": "WAF Rule Set Version" | |
| } | |
| } | |
| }, | |
| "variables":{ | |
| "hostingPlanName":"[concat(parameters('prefix'), '-plan')]", | |
| "site1Name": "[concat(parameters('prefix'), '-web-1')]", | |
| "site2Name": "[concat(parameters('prefix'), '-web-2')]", | |
| "publicIpName": "[concat(parameters('prefix'), '-ip')]", | |
| "publicIPRef": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicIpName'))]", | |
| "vnetName": "[concat(parameters('prefix'), '-vnet')]", | |
| "addressPrefix": "10.0.0.0/16", | |
| "subnetPrefix": "10.0.0.0/28", | |
| "subnetName": "appGatewaySubnet", | |
| "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('subnetName'))]", | |
| "appGatewayName": "[concat(parameters('prefix'), '-gw')]", | |
| "appGatewayId": "[resourceId('Microsoft.Network/applicationGateways',variables('appGatewayName'))]" | |
| }, | |
| "resources": [ | |
| { | |
| "apiVersion":"2016-09-01", | |
| "name":"[variables('hostingPlanName')]", | |
| "type":"Microsoft.Web/serverfarms", | |
| "kind":"app", | |
| "location":"[resourceGroup().location]", | |
| "sku":{ | |
| "name": "S1" | |
| }, | |
| "properties":{ } | |
| }, | |
| { | |
| "apiVersion": "2016-08-01", | |
| "type":"Microsoft.Web/sites", | |
| "name":"[variables('site1Name')]", | |
| "dependsOn":[ | |
| "[variables('hostingPlanName')]" | |
| ], | |
| "location":"[resourceGroup().location]", | |
| "properties":{ | |
| "name":"[variables('site1Name')]", | |
| "serverFarmId":"[variables('hostingPlanName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "2016-08-01", | |
| "type":"Microsoft.Web/sites", | |
| "name":"[variables('site2Name')]", | |
| "dependsOn":[ | |
| "[variables('hostingPlanName')]" | |
| ], | |
| "location":"[resourceGroup().location]", | |
| "properties":{ | |
| "name":"[variables('site2Name')]", | |
| "serverFarmId":"[variables('hostingPlanName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "2017-06-01", | |
| "type": "Microsoft.Network/publicIPAddresses", | |
| "name": "[variables('publicIpName')]", | |
| "location":"[resourceGroup().location]", | |
| "properties": { | |
| "publicIPAllocationMethod": "Dynamic" | |
| } | |
| }, | |
| { | |
| "apiVersion": "2017-06-01", | |
| "type": "Microsoft.Network/virtualNetworks", | |
| "name": "[variables('vnetName')]", | |
| "location":"[resourceGroup().location]", | |
| "properties": { | |
| "addressSpace": { | |
| "addressPrefixes": [ | |
| "[variables('addressPrefix')]" | |
| ] | |
| }, | |
| "subnets": [ | |
| { | |
| "name": "[variables('subnetName')]", | |
| "properties": { | |
| "addressPrefix": "[variables('subnetPrefix')]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "apiVersion": "2017-06-01", | |
| "name": "[variables('appGatewayName')]", | |
| "type": "Microsoft.Network/applicationGateways", | |
| "location":"[resourceGroup().location]", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Network/virtualNetworks/', variables('vnetName'))]", | |
| "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIpName'))]" | |
| ], | |
| "properties": { | |
| "sku": { | |
| "name": "WAF_Medium", | |
| "tier": "WAF", | |
| "capacity": 2 | |
| }, | |
| "gatewayIPConfigurations": [ | |
| { | |
| "name": "appGatewayIpConfig", | |
| "properties": { | |
| "subnet": { | |
| "id": "[variables('subnetRef')]" | |
| } | |
| } | |
| } | |
| ], | |
| "frontendIPConfigurations": [ | |
| { | |
| "name": "appGatewayFrontendIP", | |
| "properties": { | |
| "PublicIPAddress": { | |
| "id": "[variables('publicIPRef')]" | |
| } | |
| } | |
| } | |
| ], | |
| "frontendPorts": [ | |
| { | |
| "name": "appGatewayFrontendPort", | |
| "properties": { | |
| "Port": 80 | |
| } | |
| } | |
| ], | |
| "httpListeners": [ | |
| { | |
| "name": "site-1-listener", | |
| "properties": { | |
| "FrontendIPConfiguration": { | |
| "Id": "[concat(variables('appGatewayId'), '/frontendIPConfigurations/appGatewayFrontendIP')]" | |
| }, | |
| "FrontendPort": { | |
| "Id": "[concat(variables('appGatewayId'), '/frontendPorts/appGatewayFrontendPort')]" | |
| }, | |
| "Protocol": "Http", | |
| "hostName": "[concat(variables('site1Name'), '.cloudcodeit.com')]", | |
| "SslCertificate": null | |
| } | |
| } | |
| ], | |
| "probes": [ | |
| { | |
| "Name": "site-1-probe", | |
| "properties": { | |
| "Protocol": "Http", | |
| "Path": "/keepalive.html", | |
| "Interval": 30, | |
| "Timeout": 10, | |
| "UnhealthyThreshold": 3, | |
| "MinServers": 0, | |
| "PickHostNameFromBackendHttpSettings": true | |
| } | |
| }, | |
| { | |
| "Name": "site-2-probe", | |
| "properties": { | |
| "Protocol": "Http", | |
| "Path": "/keepalive.html", | |
| "Interval": 30, | |
| "Timeout": 10, | |
| "UnhealthyThreshold": 3, | |
| "MinServers": 0, | |
| "PickHostNameFromBackendHttpSettings": true | |
| } | |
| } | |
| ], | |
| "backendHttpSettingsCollection": [ | |
| { | |
| "name": "site-1-settings", | |
| "properties": { | |
| "Port": 80, | |
| "Protocol": "Http", | |
| "CookieBasedAffinity": "Disabled", | |
| "PickHostNameFromBackendAddress": true, | |
| "ProbeEnabled": "true", | |
| "Probe": { | |
| "id": "[concat(variables('appGatewayId'), '/probes/site-1-probe')]" | |
| } | |
| } | |
| }, | |
| { | |
| "name": "site-2-settings", | |
| "properties": { | |
| "Port": 80, | |
| "Protocol": "Http", | |
| "CookieBasedAffinity": "Disabled", | |
| "PickHostNameFromBackendAddress": true, | |
| "ProbeEnabled": "true", | |
| "Probe": { | |
| "id": "[concat(variables('appGatewayId'), '/probes/site-2-probe')]" | |
| } | |
| } | |
| } | |
| ], | |
| "backendAddressPools": [ | |
| { | |
| "name": "site-1-pool", | |
| "properties": { | |
| "BackendAddresses": [ | |
| { | |
| "IpAddress": "[concat(variables('site1Name'), '.azurewebsites.net')]" | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "name": "site-2-pool", | |
| "properties": { | |
| "BackendAddresses": [ | |
| { | |
| "IpAddress": "[concat(variables('site2Name'), '.azurewebsites.net')]" | |
| } | |
| ] | |
| } | |
| } | |
| ], | |
| "requestRoutingRules": [ | |
| { | |
| "Name": "site-1-rule", | |
| "properties": { | |
| "RuleType": "Basic", | |
| "httpListener": { | |
| "id": "[concat(variables('appGatewayId'), '/httpListeners/site-1-listener')]" | |
| }, | |
| "backendAddressPool": { | |
| "id": "[concat(variables('appGatewayId'), '/backendAddressPools/site-1-pool')]" | |
| }, | |
| "backendHttpSettings": { | |
| "id": "[concat(variables('appGatewayId'), '/backendHttpSettingsCollection/site-1-settings')]" | |
| } | |
| } | |
| } | |
| ], | |
| "webApplicationFirewallConfiguration": { | |
| "enabled": "[parameters('wafEnabled')]", | |
| "firewallMode": "[parameters('wafMode')]", | |
| "ruleSetType": "[parameters('wafRuleSetType')]", | |
| "ruleSetVersion": "[parameters('wafRuleSetVersion')]", | |
| "disabledRuleGroups": [] | |
| } | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment