mvc-10

Author: vhorne

articles/application-gateway/cli-samples.md

@@ -0,0 +1,28 @@
+---
+title: Azure Application Gateway Azure CLI Samples | Microsoft Docs
+description: Application Gateway Azure CLI Samples
+services: application-gateway
+documentationcenter: networking
+author: davidmu1
+manager: timlt
+editor: tysonn
+tags: azure-resource-manager
+
+ms.service: application-gateway
+ms.topic: article
+ms.tgt_pltfrm: vm-windows
+ms.workload: infrastructure
+ms.date: 01/30/2018
+ms.author: davidmu
+ms.custom: mvc
+
+---
+# Azure Application Gateway Azure CLI samples
+
+The following table includes links to Azure CLI script samples that create application gateways.
+
+| | |
+|---|---|
+| [Manage web traffic](./scripts/create-vmss-cli.md) | Creates an application gateway and all related resources. |
+| [Restrict web traffic](./scripts/create-vmss-waf-cli.md) | Creates an application gateway that restricts traffic using OWASP rules.|
+| | |

articles/application-gateway/media/redirect-internal-site-cli/application-gateway-nginxtest.PNG

@@ -0,0 +1,28 @@
+---
+title: Azure Application Gateway PowerShell Samples | Microsoft Docs
+description: Azure Application Gateway PowerShell Samples
+services: application-gateway
+documentationcenter: networking
+author: davidmu1
+manager: timlt
+editor: tysonn
+tags: azure-resource-manager
+
+ms.service: application-gateway
+ms.topic: article
+ms.tgt_pltfrm: vm-windows
+ms.workload: infrastructure
+ms.date: 01/29/2018
+ms.author: davidmu
+ms.custom: mvc
+---
+# Azure Application Gateway PowerShell samples
+
+The following table includes links to Azure PowerShell script samples that create application gateways.
+
+| | |
+|---|---|
+| [Manage web traffic](./scripts/create-vmss-powershell.md) | Creates an application gateway and all related resources.|
+| [Restrict web traffic](./scripts/create-vmss-waf-powershell.md) | Creates an application gateway that restricts traffic using OWASP rules.|
+| | |
+

articles/application-gateway/media/redirect-internal-site-powershell/application-gateway-iistest.PNG

@@ -0,0 +1,60 @@
+---
+title: Azure CLI Script Sample - Restrict web traffic | Microsoft Docs
+description: Azure CLI Script Sample - Create an application gateway with a web application firewall and a virtual machine scale set that uses OWASP rules to restrict traffic.
+services: application-gateway
+documentationcenter: networking
+author: davidmu1
+manager: timlt
+editor: tysonn
+tags: azure-resource-manager
+
+ms.service: application-gateway
+ms.topic: sample
+ms.tgt_pltfrm: vm-windows
+ms.workload: infrastructure
+ms.date: 01/29/2018
+ms.author: davidmu
+ms.custom: mvc
+---
+
+# Restrict web traffic using the Azure CLI
+
+This script creates an application gateway with a web application firewall that uses a virtual machine scale set for backend servers. The web application firewall restricts web traffic based on OWASP rules. After running the script, you can test the application gateway using its public IP address.
+
+[!INCLUDE [sample-cli-install](../../../includes/sample-cli-install.md)]
+
+[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)]
+
+## Sample script
+
+[!code-azurecli-interactive[main](../../../cli_scripts/application-gateway/create-vmss/create-vmss-waf.sh "Create application gateway")]
+
+## Clean up deployment 
+
+Run the following command to remove the resource group, application gateway, and all related resources.
+
+```azurecli-interactive 
+az group delete --name myResourceGroupAG --yes
+```
+
+## Script explanation
+
+This script uses the following commands to create the deployment. Each item in the table links to command specific documentation.
+
+| Command | Notes |
+|---|---|
+| [az group create](https://docs.microsoft.com/cli/azure/group#az_group_create) | Creates a resource group in which all resources are stored. |
+| [az network vnet create](https://docs.microsoft.com/cli/azure/network/vnet#az_net) | Creates a virtual network. |
+| [az network vnet subnet create](https://docs.microsoft.com/cli/azure/network/vnet/subnet#az_network_vnet_subnet_create) | Creates a subnet in a virtual network. |
+| [az network public-ip create](https://docs.microsoft.com/cli/azure/public-ip#az_network_public_ip_create) | Creates the public IP address for the application gateway. |
+| [az network application-gateway create](https://docs.microsoft.com/cli/azure/application-gateway#az_application_gateway_create) | Create an application gateway. |
+| [az vmss create](https://docs.microsoft.com/cli/azure/vmss#az_vmss_create) | Creates a virtual machine scale set. |
+| [az storage account create](https://docs.microsoft.com/cli/azure/storage/account#az_storage_account_create) | Creates a storage account. |
+| [az monitor diagnostic-settings create](https://docs.microsoft.com/cli/azure/monitor/diagnostic-settings#az_monitor_diagnostic_settings_create) | Creates a storage account. |
+| [az network public-ip show](https://docs.microsoft.com/cli/azure/network/public-ip#az_network_public_ip_show) | Gets the public IP address of the application gateway. |
+
+## Next steps
+
+For more information on the Azure CLI, see [Azure CLI documentation](https://docs.microsoft.com/cli/azure/overview).
+
+Additional application gateway CLI script samples can be found in the [Azure application gateway documentation](../cli-samples.md).

articles/application-gateway/media/redirect-overview/redirect.png

@@ -0,0 +1,72 @@
+---
+title: Azure PowerShell Script Sample - Restrict web traffic | Microsoft Docs
+description: Azure PowerShell Script Sample - Create an application gateway with a web application firewall and a virtual machine scale set that uses OWASP rules to restrict traffic.
+services: application-gateway
+documentationcenter: networking
+author: davidmu1
+manager: timlt
+editor: tysonn
+tags: azure-resource-manager
+
+ms.service: application-gateway
+ms.topic: sample
+ms.tgt_pltfrm: vm-windows
+ms.workload: infrastructure
+ms.date: 01/29/2018
+ms.author: davidmu
+ms.custom: mvc
+---
+
+# Restrict web traffic using Azure PowerShell
+
+This script creates an application gateway with a web application firewall that uses a virtual machine scale set for backend servers. The web application firewall restricts web traffic based on OWASP rules. After running the script, you can test the application gateway using its public IP address.
+
+[!INCLUDE [sample-powershell-install](../../../includes/sample-powershell-install-no-ssh.md)]
+
+[!INCLUDE [quickstarts-free-trial-note](../../../includes/quickstarts-free-trial-note.md)]
+
+## Sample script
+
+[!code-powershell[main](../../../powershell_scripts/application-gateway/create-vmss/create-vmss-waf.ps1 "Create application gateway with WAF")]
+
+## Clean up deployment 
+
+Run the following command to remove the resource group, application gateway, and all related resources.
+
+```powershell
+Remove-AzureRmResourceGroup -Name myResourceGroupAG
+```
+
+## Script explanation
+
+This script uses the following commands to create the deployment. Each item in the table links to command specific documentation.
+
+| Command | Notes |
+|---|---|
+| [New-AzureRmResourceGroup](/powershell/module/azurerm.resources/new-azurermresourcegroup) | Creates a resource group in which all resources are stored. |
+| [New-AzureRmVirtualNetworkSubnetConfig](/powershell/module/azurerm.network/new-azurermvirtualnetworksubnetconfig) | Creates the subnet configuration. |
+| [New-AzureRmVirtualNetwork](/powershell/module/azurerm.network/new-azurermvirtualnetwork) | Creates the virtual network using with the subnet configurations. |
+| [New-AzureRmPublicIpAddress](/powershell/module/azurerm.network/new-azurermpublicipaddress) | Creates the public IP address for the application gateway. |
+| [New-AzureRmApplicationGatewayIPConfiguration](/powershell/module/azurerm.network/new-azurermapplicationgatewayipconfiguration) | Creates the configuration that associates a subnet with the application gateway. |
+| [New-AzureRmApplicationGatewayFrontendIPConfig](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendipconfig) | Creates the configuration that assigns a public IP address to the application gateway. |
+| [New-AzureRmApplicationGatewayFrontendPort](/powershell/module/azurerm.network/new-azurermapplicationgatewayfrontendport) | Assigns a port to be used to access the application gateway. |
+| [New-AzureRmApplicationGatewayBackendAddressPool](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendaddresspool) | Creates a backend pool for an application gateway. |
+| [New-AzureRmApplicationGatewayBackendHttpSettings](/powershell/module/azurerm.network/new-azurermapplicationgatewaybackendhttpsettings) | Configures settings for a backend pool. |
+| [New-AzureRmApplicationGatewayHttpListener](/powershell/module/azurerm.network/new-azurermapplicationgatewayhttplistener) | Creates a listener. |
+| [New-AzureRmApplicationGatewayRequestRoutingRule](/powershell/module/azurerm.network/new-azurermapplicationgatewayrequestroutingrule) | Creates a routing rule. |
+| [New-AzureRmApplicationGatewaySku](/powershell/module/azurerm.network/new-azurermapplicationgatewaysku) | Specify the tier and capacity for an application gateway. |
+| [New-AzureRmApplicationGatewayWebApplicationFirewallConfiguration](/powershell/module/azurerm.network/new-azurermapplicationgatewaywebapplicationfirewallconfiguration) | Creates the web application firewall configuration. |
+| [New-AzureRmApplicationGateway](/powershell/module/azurerm.network/new-azurermapplicationgateway) | Create an application gateway. |
+| [Set-AzureRmVmssStorageProfile](/powershell/module/azurerm.compute/set-azurermvmssstorageprofile) | Create a storage profile for the scale set. |
+| [Set-AzureRmVmssOsProfile](/powershell/module/azurerm.compute/set-azurermvmssosprofile) | Define the operating system for the scale set. |
+| [Add-AzureRmVmssNetworkInterfaceConfiguration](/powershell/module/azurerm.compute/add-azurermvmssnetworkinterfaceconfiguration) | Define the network interface for the scale set. |
+| [New-AzureRmVmss](/powershell/module/azurerm.compute/new-azurermvm) | Create a virtual machine scale set. |
+| [New-AzureRmStorageAccount](/powershell/module/azurerm.storage/new-azurermstorageaccount) | Creates a storage account. |
+| [Set-AzureRmDiagnosticSetting](/powershell/module/azurerm.insights/set-azurermdiagnosticsetting) | Configures diagnostics to record data. |
+| [Get-AzureRmPublicIPAddress](/powershell/module/azurerm.network/get-azurermpublicipaddress) | Gets the public IP address of an application gateway. |
+|[Remove-AzureRmResourceGroup](/powershell/module/azurerm.resources/remove-azurermresourcegroup) | Removes a resource group and all resources contained within. | 
+## Next steps
+
+For more information on the Azure PowerShell module, see [Azure PowerShell documentation](/powershell/azure/overview).
+
+Additional application gateway PowerShell script samples can be found in the [Azure Application Gateway documentation](../powershell-samples.md).

articles/application-gateway/powershell-samples.md

@@ -1,23 +1,24 @@
 ---
-title: Create an application gateway with URL path-based redirection - Azure CLI | Microsoft Docs
+title: Create an application gateway with URL path-based redirection - Azure CLI
 description: Learn how to create an application gateway with URL path-based redirected traffic using the Azure CLI.
 services: application-gateway
-author: davidmu1
-manager: timlt
-editor: tysonn
+author: vhorne
+manager: jpconnock
 
 ms.service: application-gateway
-ms.topic: article
+ms.topic: tutorial
 ms.workload: infrastructure-services
-ms.date: 01/24/2018
-ms.author: davidmu
+ms.date: 3/28/2018
+ms.author: victorh
+ms.custom: mvc
+#Customer intent: As an IT administrator, I want to use Azure CLI to set up URL path redirection of web traffic to specific pools of servers so I can ensure my customers have access to the information they need.
 
 ---
-# Create an application gateway with URL path-based redirection using the Azure CLI
+# Tutorial: Create an application gateway with URL path-based redirection using the Azure CLI
 
 You can use the Azure CLI to configure [URL path-based routing rules](application-gateway-url-route-overview.md) when you create an [application gateway](application-gateway-introduction.md). In this tutorial, you create backend pools using [virtual machine scale sets](../virtual-machine-scale-sets/virtual-machine-scale-sets-overview.md). You then create URL routing rules that make sure web traffic is redirected to the appropriate backend pool.
 
-In this article, you learn how to:
+In this tutorial, you learn how to:
 
 > [!div class="checklist"]
 > * Set up the network
@@ -57,19 +58,21 @@ az network vnet create \
   --address-prefix 10.0.0.0/16 \
   --subnet-name myAGSubnet \
   --subnet-prefix 10.0.1.0/24
+
 az network vnet subnet create \
   --name myBackendSubnet \
   --resource-group myResourceGroupAG \
   --vnet-name myVNet \
   --address-prefix 10.0.2.0/24
+
 az network public-ip create \
   --resource-group myResourceGroupAG \
   --name myAGPublicIPAddress
 ```
 
 ## Create an application gateway
 
-You can use [az network application-gateway create](/cli/azure/application-gateway#create) to create the application gateway named myAppGateway. When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. The application gateway is assigned to *myAGSubnet* and *myPublicIPSddress* that you previously created.  
+Use [az network application-gateway create](/cli/azure/application-gateway#create) to create the application gateway named myAppGateway. When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. The application gateway is assigned to *myAGSubnet* and *myPublicIPSddress* that you previously created.
 
 ```azurecli-interactive
 az network application-gateway create \
@@ -87,7 +90,7 @@ az network application-gateway create \
   --public-ip-address myAGPublicIPAddress
 ```
 
- It may take several minutes for the application gateway to be created. After the application gateway is created, you can see these new features of it:
+ It may take several minutes for the application gateway to be created. After the application gateway is created, you can see these new features:
 
 - *appGatewayBackendPool* - An application gateway must have at least one backend address pool.
 - *appGatewayBackendHttpSettings* - Specifies that port 80 and an HTTP protocol is used for communication.
@@ -105,15 +108,18 @@ az network application-gateway address-pool create \
   --gateway-name myAppGateway \
   --resource-group myResourceGroupAG \
   --name imagesBackendPool
+
 az network application-gateway address-pool create \
   --gateway-name myAppGateway \
   --resource-group myResourceGroupAG \
   --name videoBackendPool
+
 az network application-gateway frontend-port create \
   --port 8080 \
   --gateway-name myAppGateway \
   --resource-group myResourceGroupAG \
   --name bport
+
 az network application-gateway frontend-port create \
   --port 8081 \
   --gateway-name myAppGateway \
@@ -135,6 +141,7 @@ az network application-gateway http-listener create \
   --frontend-port bport \
   --resource-group myResourceGroupAG \
   --gateway-name myAppGateway
+
 az network application-gateway http-listener create \
   --name redirectedListener \
   --frontend-ip appGatewayFrontendIP \
@@ -158,6 +165,7 @@ az network application-gateway url-path-map create \
   --default-http-settings appGatewayBackendHttpSettings \
   --http-settings appGatewayBackendHttpSettings \
   --rule-name imagePathRule
+
 az network application-gateway url-path-map rule create \
   --gateway-name myAppGateway \
   --name videoPathRule \
@@ -207,6 +215,7 @@ az network application-gateway rule create \
   --rule-type PathBasedRouting \
   --url-path-map urlpathmap \
   --address-pool appGatewayBackendPool
+
 az network application-gateway rule create \
   --gateway-name myAppGateway \
   --name redirectedRule \
@@ -235,6 +244,7 @@ for i in `seq 1 3`; do
   then
     poolName="videoBackendPool"
   fi
+
   az vmss create \
     --name myvmss$i \
     --resource-group myResourceGroupAG \
@@ -262,12 +272,13 @@ for i in `seq 1 3`; do
     --resource-group myResourceGroupAG \
     --vmss-name myvmss$i \
     --settings '{ "fileUris": ["https://raw.githubusercontent.com/davidmu1/samplescripts/master/install_nginx.sh"], "commandToExecute": "./install_nginx.sh" }'
+
 done
 ```
 
 ## Test the application gateway
 
-To get the public IP address of the application gateway, you can use [az network public-ip show](/cli/azure/network/public-ip#az_network_public_ip_show). Copy the public IP address, and then paste it into the address bar of your browser. Such as, *http://40.121.222.19*, *http://40.121.222.19:8080/images/test.htm*, *http://40.121.222.19:8080/video/test.htm*, or *http://40.121.222.19:8081/images/test.htm*.
+To get the public IP address of the application gateway, use [az network public-ip show](/cli/azure/network/public-ip#az_network_public_ip_show). Copy the public IP address, and then paste it into the address bar of your browser. Such as, *http://40.121.222.19*, *http://40.121.222.19:8080/images/test.htm*, *http://40.121.222.19:8080/video/test.htm*, or *http://40.121.222.19:8081/images/test.htm*.
 
 ```azurepowershell-interactive
 az network public-ip show \
@@ -279,16 +290,23 @@ az network public-ip show \
 
 ![Test base URL in application gateway](./media/tutorial-url-redirect-cli/application-gateway-nginx.png)
 
-Change the URL to http://<ip-address>:8080/video/test.html, substituting your IP address for <ip-address>, and you should see something like the following example:
+Change the URL to http://<ip-address>:8080/images/test.html, substituting your IP address for <ip-address>, and you should see something like the following example:
 
 ![Test images URL in application gateway](./media/tutorial-url-redirect-cli/application-gateway-nginx-images.png)
 
-Change the URL to http://<ip-address>:8080/video/test.html, substituting your IP address for <ip-address>, and you should see something like the following example.
+Change the URL to http://<ip-address>:8080/video/test.html, substituting your IP address for <ip-address>, and you should see something like the following example:
 
 ![Test video URL in application gateway](./media/tutorial-url-redirect-cli/application-gateway-nginx-video.png)
 
 Now, change the URL to http://<ip-address>:8081/images/test.htm, substituting your IP address for <ip-address>, and you should see traffic redirected back to the images backend pool at http://<ip-address>:8080/images.
 
+## Clean up resources
+
+When no longer needed, remove the resource group, application gateway, and all related resources.
+
+```azurecli-interactive
+az group delete --name myResourceGroupAG --location eastus
+```
 ## Next steps
 
 In this tutorial, you learned how to: