Home > Back-end >  WAF Policy attachment to Application Gateway, and REST API
WAF Policy attachment to Application Gateway, and REST API

Time:08-25

Is there not a way to create an application gateway with waf_v2 sku and have a WAF policy attached using the rest api?

With this code i can deploy the application gateway

    "webApplicationFirewallConfiguration" = @{
        "disabledRuleGroups" = @()
        "enabled" = $true
        "exclusions" = @()
        "fileUploadLimitInMb" = 100
        "firewallMode" = "Detection"
        "maxRequestBodySizeinKb" = 128
        "requestBodyCheck"       = $true
        "ruleSetType"        = "OWASP"
        "ruleSetVersion"     = "3.1"
    }

But if i removed that and put instead

    "firewallPolicy"      = @{
        "id" = "path to WAF Policy"
    }

I am getting the following return:

{
  "error": {
    "code": "ApplicationGatewayFirewallNotConfiguredForSelectedSku",
    "message": "Application Gateway (Path to gateway) with the selected SKU tier WAF_v2 must have a valid WAF policy or configuration",
    "details": []
  }
}

I have added "forceFirewallPolicyAssociation" = $true but that hasnt seemed to help. Has anyone worked with the REST API and the application gateways? I have been at this for about 16 hours and am at my wits end. AKS wasn't this hard to deploy via rest api... Any help is appreciated

https://docs.microsoft.com/en-us/rest/api/application-gateway/application-gateways/create-or-update?tabs=HTTP#code-try-0

CodePudding user response:

I solved it by putting all 3 items together. It then deployed with the external policy.

CodePudding user response:

Seems like an issue in the 2022-01-01 version. At least i get the same error in Bicep. Rolling back to 2021-08-01 works.

  • Related