Is there not a way to create an application gateway with waf_v2 sku and have a WAF policy attached using the rest api?
With this code i can deploy the application gateway
"webApplicationFirewallConfiguration" = @{
"disabledRuleGroups" = @()
"enabled" = $true
"exclusions" = @()
"fileUploadLimitInMb" = 100
"firewallMode" = "Detection"
"maxRequestBodySizeinKb" = 128
"requestBodyCheck" = $true
"ruleSetType" = "OWASP"
"ruleSetVersion" = "3.1"
}
But if i removed that and put instead
"firewallPolicy" = @{
"id" = "path to WAF Policy"
}
I am getting the following return:
{
"error": {
"code": "ApplicationGatewayFirewallNotConfiguredForSelectedSku",
"message": "Application Gateway (Path to gateway) with the selected SKU tier WAF_v2 must have a valid WAF policy or configuration",
"details": []
}
}
I have added "forceFirewallPolicyAssociation" = $true but that hasnt seemed to help. Has anyone worked with the REST API and the application gateways? I have been at this for about 16 hours and am at my wits end. AKS wasn't this hard to deploy via rest api... Any help is appreciated
CodePudding user response:
I solved it by putting all 3 items together. It then deployed with the external policy.
CodePudding user response:
Seems like an issue in the 2022-01-01
version. At least i get the same error in Bicep. Rolling back to 2021-08-01
works.