{"id":19129459,"url":"https://github.com/launchbynttdata/tf-azurerm-module_primitive-application_gateway","last_synced_at":"2026-05-17T10:36:31.622Z","repository":{"id":242541099,"uuid":"807659175","full_name":"launchbynttdata/tf-azurerm-module_primitive-application_gateway","owner":"launchbynttdata","description":null,"archived":false,"fork":false,"pushed_at":"2026-04-14T19:17:11.000Z","size":116,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-14T21:19:04.559Z","etag":null,"topics":["azure","infrastructure-as-code","platform-automation","primitive","terraform"],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/launchbynttdata.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-29T14:23:24.000Z","updated_at":"2025-01-13T15:18:45.000Z","dependencies_parsed_at":"2024-06-03T17:19:54.479Z","dependency_job_id":"4f3a49f0-2197-43eb-bdea-bc198cce99be","html_url":"https://github.com/launchbynttdata/tf-azurerm-module_primitive-application_gateway","commit_stats":null,"previous_names":["launchbynttdata/tf-azurerm-module_primitive-application_gateway"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/launchbynttdata/tf-azurerm-module_primitive-application_gateway","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Ftf-azurerm-module_primitive-application_gateway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Ftf-azurerm-module_primitive-application_gateway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Ftf-azurerm-module_primitive-application_gateway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Ftf-azurerm-module_primitive-application_gateway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/launchbynttdata","download_url":"https://codeload.github.com/launchbynttdata/tf-azurerm-module_primitive-application_gateway/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/launchbynttdata%2Ftf-azurerm-module_primitive-application_gateway/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33135105,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-17T09:28:26.183Z","status":"ssl_error","status_checked_at":"2026-05-17T09:27:52.702Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure","infrastructure-as-code","platform-automation","primitive","terraform"],"created_at":"2024-11-09T06:07:33.693Z","updated_at":"2026-05-17T10:36:31.604Z","avatar_url":"https://github.com/launchbynttdata.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# tf-azurerm-module_primitive-application_gateway\n\n[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![License: CC BY-NC-ND 4.0](https://img.shields.io/badge/License-CC_BY--NC--ND_4.0-lightgrey.svg)](https://creativecommons.org/licenses/by-nc-nd/4.0/)\n\n## Overview\n\nThis terraform module provisions an Application Gateway.\n\n## Pre-Commit hooks\n\n[.pre-commit-config.yaml](.pre-commit-config.yaml) file defines certain `pre-commit` hooks that are relevant to terraform, golang and common linting tasks. There are no custom hooks added.\n\n`commitlint` hook enforces commit message in certain format. The commit contains the following structural elements, to communicate intent to the consumers of your commit messages:\n\n- **fix**: a commit of the type `fix` patches a bug in your codebase (this correlates with PATCH in Semantic Versioning).\n- **feat**: a commit of the type `feat` introduces a new feature to the codebase (this correlates with MINOR in Semantic Versioning).\n- **BREAKING CHANGE**: a commit that has a footer `BREAKING CHANGE:`, or appends a `!` after the type/scope, introduces a breaking API change (correlating with MAJOR in Semantic Versioning). A BREAKING CHANGE can be part of commits of any type.\nfooters other than BREAKING CHANGE: \u003cdescription\u003e may be provided and follow a convention similar to git trailer format.\n- **build**: a commit of the type `build` adds changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)\n- **chore**: a commit of the type `chore` adds changes that don't modify src or test files\n- **ci**: a commit of the type `ci` adds changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)\n- **docs**: a commit of the type `docs` adds documentation only changes\n- **perf**: a commit of the type `perf` adds code change that improves performance\n- **refactor**: a commit of the type `refactor` adds code change that neither fixes a bug nor adds a feature\n- **revert**: a commit of the type `revert` reverts a previous commit\n- **style**: a commit of the type `style` adds code changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)\n- **test**: a commit of the type `test` adds missing tests or correcting existing tests\n\nBase configuration used for this project is [commitlint-config-conventional (based on the Angular convention)](https://github.com/conventional-changelog/commitlint/tree/master/@commitlint/config-conventional#type-enum)\n\nIf you are a developer using vscode, [this](https://marketplace.visualstudio.com/items?itemName=joshbolduc.commitlint) plugin may be helpful.\n\n`detect-secrets-hook` prevents new secrets from being introduced into the baseline. TODO: INSERT DOC LINK ABOUT HOOKS\n\nIn order for `pre-commit` hooks to work properly\n\n- You need to have the pre-commit package manager installed. [Here](https://pre-commit.com/#install) are the installation instructions.\n- `pre-commit` would install all the hooks when commit message is added by default except for `commitlint` hook. `commitlint` hook would need to be installed manually using the command below\n\n```\npre-commit install --hook-type commit-msg\n```\n\n## To test the resource group module locally\n\n1. For development/enhancements to this module locally, you'll need to install all of its components. This is controlled by the `configure` target in the project's [`Makefile`](./Makefile). Before you can run `configure`, familiarize yourself with the variables in the `Makefile` and ensure they're pointing to the right places.\n\n```\nmake configure\n```\n\nThis adds in several files and directories that are ignored by `git`. They expose many new Make targets.\n\n2. _THIS STEP APPLIES ONLY TO MICROSOFT AZURE. IF YOU ARE USING A DIFFERENT PLATFORM PLEASE SKIP THIS STEP._ The first target you care about is `env`. This is the common interface for setting up environment variables. The values of the environment variables will be used to authenticate with cloud provider from local development workstation.\n\n`make configure` command will bring down `azure_env.sh` file on local workstation. Devloper would need to modify this file, replace the environment variable values with relevant values.\n\nThese environment variables are used by `terratest` integration suit.\n\nService principle used for authentication(value of ARM_CLIENT_ID) should have below privileges on resource group within the subscription.\n\n```\n\"Microsoft.Resources/subscriptions/resourceGroups/write\"\n\"Microsoft.Resources/subscriptions/resourceGroups/read\"\n\"Microsoft.Resources/subscriptions/resourceGroups/delete\"\n```\n\nThen run this make target to set the environment variables on developer workstation.\n\n```\nmake env\n```\n\n3. The first target you care about is `check`.\n\n**Pre-requisites**\nBefore running this target it is important to ensure that, developer has created files mentioned below on local workstation under root directory of git repository that contains code for primitives/segments. Note that these files are `azure` specific. If primitive/segment under development uses any other cloud provider than azure, this section may not be relevant.\n\n- A file named `provider.tf` with contents below\n\n```\nprovider \"azurerm\" {\n  features {}\n}\n```\n\n- A file named `terraform.tfvars` which contains key value pair of variables used.\n\nNote that since these files are added in `gitignore` they would not be checked in into primitive/segment's git repo.\n\nAfter creating these files, for running tests associated with the primitive/segment, run\n\n```\nmake check\n```\n\nIf `make check` target is successful, developer is good to commit the code to primitive/segment's git repo.\n\n`make check` target\n\n- runs `terraform commands` to `lint`,`validate` and `plan` terraform code.\n- runs `conftests`. `conftests` make sure `policy` checks are successful.\n- runs `terratest`. This is integration test suit.\n- runs `opa` tests\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | ~\u003e 1.0 |\n| \u003ca name=\"requirement_azurerm\"\u003e\u003c/a\u003e [azurerm](#requirement\\_azurerm) | ~\u003e 3.77 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_azurerm\"\u003e\u003c/a\u003e [azurerm](#provider\\_azurerm) | 3.116.0 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [azurerm_application_gateway.app_gateway](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway) | resource |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | Name of the application gateway. | `string` | n/a | yes |\n| \u003ca name=\"input_location\"\u003e\u003c/a\u003e [location](#input\\_location) | Azure location. | `string` | n/a | yes |\n| \u003ca name=\"input_resource_group_name\"\u003e\u003c/a\u003e [resource\\_group\\_name](#input\\_resource\\_group\\_name) | Resource group name | `string` | n/a | yes |\n| \u003ca name=\"input_frontend_ip_configuration_name\"\u003e\u003c/a\u003e [frontend\\_ip\\_configuration\\_name](#input\\_frontend\\_ip\\_configuration\\_name) | Name of the frontend IP configuration. | `string` | n/a | yes |\n| \u003ca name=\"input_public_ip_address_id\"\u003e\u003c/a\u003e [public\\_ip\\_address\\_id](#input\\_public\\_ip\\_address\\_id) | ID of the public IP address to use for the frontend IP configuration. | `string` | `null` | no |\n| \u003ca name=\"input_frontend_private_ip_configuration_name\"\u003e\u003c/a\u003e [frontend\\_private\\_ip\\_configuration\\_name](#input\\_frontend\\_private\\_ip\\_configuration\\_name) | Name of the frontend private IP configuration. | `string` | `null` | no |\n| \u003ca name=\"input_gateway_ip_configuration_name\"\u003e\u003c/a\u003e [gateway\\_ip\\_configuration\\_name](#input\\_gateway\\_ip\\_configuration\\_name) | Name of the gateway IP configuration. | `string` | n/a | yes |\n| \u003ca name=\"input_sku_capacity\"\u003e\u003c/a\u003e [sku\\_capacity](#input\\_sku\\_capacity) | The Capacity of the SKU to use for this Application Gateway - which must be between 1 and 10, optional if autoscale\\_configuration is set | `number` | `2` | no |\n| \u003ca name=\"input_sku\"\u003e\u003c/a\u003e [sku](#input\\_sku) | The Name of the SKU to use for this Application Gateway. Possible values are Standard\\_v2 and WAF\\_v2. | `string` | `\"Standard_v2\"` | no |\n| \u003ca name=\"input_zones\"\u003e\u003c/a\u003e [zones](#input\\_zones) | A collection of availability zones to spread the Application Gateway over. This option is only supported for v2 SKUs | `list(number)` | \u003cpre\u003e[\u003cbr\u003e  1,\u003cbr\u003e  2,\u003cbr\u003e  3\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_frontend_port_settings\"\u003e\u003c/a\u003e [frontend\\_port\\_settings](#input\\_frontend\\_port\\_settings) | Frontend port settings. Each port setting contains the name and the port for the frontend port. | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e    port = number\u003cbr\u003e  }))\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_ssl_policy\"\u003e\u003c/a\u003e [ssl\\_policy](#input\\_ssl\\_policy) | Application Gateway SSL configuration. The list of available policies can be found here: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#disabled_protocols | \u003cpre\u003eobject({\u003cbr\u003e    disabled_protocols   = optional(list(string), [])\u003cbr\u003e    policy_type          = optional(string, \"Predefined\")\u003cbr\u003e    policy_name          = optional(string, \"AppGwSslPolicy20170401S\")\u003cbr\u003e    cipher_suites        = optional(list(string), [])\u003cbr\u003e    min_protocol_version = optional(string, \"TLSv1_2\")\u003cbr\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_ssl_profile\"\u003e\u003c/a\u003e [ssl\\_profile](#input\\_ssl\\_profile) | Application Gateway SSL profile. Default profile is used when this variable is set to null. https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#name | \u003cpre\u003elist(object({\u003cbr\u003e    name                             = string\u003cbr\u003e    trusted_client_certificate_names = optional(list(string), [])\u003cbr\u003e    verify_client_cert_issuer_dn     = optional(bool, false)\u003cbr\u003e    ssl_policy = optional(object({\u003cbr\u003e      disabled_protocols   = optional(list(string), [])\u003cbr\u003e      policy_type          = optional(string, \"Predefined\")\u003cbr\u003e      policy_name          = optional(string, \"AppGwSslPolicy20170401S\")\u003cbr\u003e      cipher_suites        = optional(list(string), [])\u003cbr\u003e      min_protocol_version = optional(string, \"TLSv1_2\")\u003cbr\u003e    }))\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_firewall_policy_id\"\u003e\u003c/a\u003e [firewall\\_policy\\_id](#input\\_firewall\\_policy\\_id) | ID of a Web Application Firewall Policy | `string` | `null` | no |\n| \u003ca name=\"input_trusted_root_certificate_configs\"\u003e\u003c/a\u003e [trusted\\_root\\_certificate\\_configs](#input\\_trusted\\_root\\_certificate\\_configs) | List of trusted root certificates. `file_path` is checked first, using `data` (base64 cert content) if null. This parameter is required if you are not using a trusted certificate authority (eg. selfsigned certificate). | \u003cpre\u003elist(object({\u003cbr\u003e    name                = string\u003cbr\u003e    data                = optional(string)\u003cbr\u003e    file_path           = optional(string)\u003cbr\u003e    key_vault_secret_id = optional(string)\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_appgw_backend_pools\"\u003e\u003c/a\u003e [appgw\\_backend\\_pools](#input\\_appgw\\_backend\\_pools) | List of objects with backend pool configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name         = string\u003cbr\u003e    fqdns        = optional(list(string))\u003cbr\u003e    ip_addresses = optional(list(string))\u003cbr\u003e  }))\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_appgw_http_listeners\"\u003e\u003c/a\u003e [appgw\\_http\\_listeners](#input\\_appgw\\_http\\_listeners) | List of objects with HTTP listeners configurations and custom error configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e\u003cbr\u003e    frontend_ip_configuration_name = optional(string)\u003cbr\u003e    frontend_port_name             = optional(string)\u003cbr\u003e    host_name                      = optional(string)\u003cbr\u003e    host_names                     = optional(list(string))\u003cbr\u003e    protocol                       = optional(string, \"Https\")\u003cbr\u003e    require_sni                    = optional(bool, false)\u003cbr\u003e    ssl_certificate_name           = optional(string)\u003cbr\u003e    ssl_profile_name               = optional(string)\u003cbr\u003e    firewall_policy_id             = optional(string)\u003cbr\u003e\u003cbr\u003e    custom_error_configuration = optional(list(object({\u003cbr\u003e      status_code           = string\u003cbr\u003e      custom_error_page_url = string\u003cbr\u003e    })), [])\u003cbr\u003e  }))\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_custom_error_configuration\"\u003e\u003c/a\u003e [custom\\_error\\_configuration](#input\\_custom\\_error\\_configuration) | List of objects with global level custom error configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    status_code           = string\u003cbr\u003e    custom_error_page_url = string\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_ssl_certificates_configs\"\u003e\u003c/a\u003e [ssl\\_certificates\\_configs](#input\\_ssl\\_certificates\\_configs) | List of objects with SSL certificates configurations.\u003cbr\u003eThe path to a base-64 encoded certificate is expected in the 'data' attribute:\u003cpre\u003edata = filebase64(\"./file_path\")\u003c/pre\u003e | \u003cpre\u003elist(object({\u003cbr\u003e    name                = string\u003cbr\u003e    data                = optional(string)\u003cbr\u003e    password            = optional(string)\u003cbr\u003e    key_vault_secret_id = optional(string)\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_authentication_certificates_configs\"\u003e\u003c/a\u003e [authentication\\_certificates\\_configs](#input\\_authentication\\_certificates\\_configs) | List of objects with authentication certificates configurations.\u003cbr\u003eThe path to a base-64 encoded certificate is expected in the 'data' attribute:\u003cpre\u003edata = filebase64(\"./file_path\")\u003c/pre\u003e | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e    data = string\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_trusted_client_certificates_configs\"\u003e\u003c/a\u003e [trusted\\_client\\_certificates\\_configs](#input\\_trusted\\_client\\_certificates\\_configs) | List of objects with trusted client certificates configurations.\u003cbr\u003eThe path to a base-64 encoded certificate is expected in the 'data' attribute:\u003cpre\u003edata = filebase64(\"./file_path\")\u003c/pre\u003e | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e    data = string\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_appgw_routings\"\u003e\u003c/a\u003e [appgw\\_routings](#input\\_appgw\\_routings) | List of objects with request routing rules configurations. With AzureRM v3+ provider, `priority` attribute becomes mandatory. | \u003cpre\u003elist(object({\u003cbr\u003e    name                        = string\u003cbr\u003e    rule_type                   = optional(string, \"Basic\")\u003cbr\u003e    http_listener_name          = optional(string)\u003cbr\u003e    backend_address_pool_name   = optional(string)\u003cbr\u003e    backend_http_settings_name  = optional(string)\u003cbr\u003e    url_path_map_name           = optional(string)\u003cbr\u003e    redirect_configuration_name = optional(string)\u003cbr\u003e    rewrite_rule_set_name       = optional(string)\u003cbr\u003e    priority                    = optional(number)\u003cbr\u003e  }))\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_appgw_probes\"\u003e\u003c/a\u003e [appgw\\_probes](#input\\_appgw\\_probes) | List of objects with probes configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name     = string\u003cbr\u003e    host     = optional(string)\u003cbr\u003e    port     = optional(number, null)\u003cbr\u003e    interval = optional(number, 30)\u003cbr\u003e    path     = optional(string, \"/\")\u003cbr\u003e    protocol = optional(string, \"Https\")\u003cbr\u003e    timeout  = optional(number, 30)\u003cbr\u003e\u003cbr\u003e    unhealthy_threshold                       = optional(number, 3)\u003cbr\u003e    pick_host_name_from_backend_http_settings = optional(bool, false)\u003cbr\u003e    minimum_servers                           = optional(number, 0)\u003cbr\u003e\u003cbr\u003e    match = optional(object({\u003cbr\u003e      body        = optional(string, \"\")\u003cbr\u003e      status_code = optional(list(string), [\"200-399\"])\u003cbr\u003e    }), {})\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_appgw_backend_http_settings\"\u003e\u003c/a\u003e [appgw\\_backend\\_http\\_settings](#input\\_appgw\\_backend\\_http\\_settings) | List of objects including backend http settings configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name     = string\u003cbr\u003e    port     = optional(number, 443)\u003cbr\u003e    protocol = optional(string, \"Https\")\u003cbr\u003e\u003cbr\u003e    path       = optional(string)\u003cbr\u003e    probe_name = optional(string)\u003cbr\u003e\u003cbr\u003e    cookie_based_affinity               = optional(string, \"Disabled\")\u003cbr\u003e    affinity_cookie_name                = optional(string, \"ApplicationGatewayAffinity\")\u003cbr\u003e    request_timeout                     = optional(number, 20)\u003cbr\u003e    host_name                           = optional(string)\u003cbr\u003e    pick_host_name_from_backend_address = optional(bool, true)\u003cbr\u003e    trusted_root_certificate_names      = optional(list(string), [])\u003cbr\u003e    authentication_certificate          = optional(string)\u003cbr\u003e\u003cbr\u003e    connection_draining_timeout_sec = optional(number)\u003cbr\u003e  }))\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_appgw_url_path_map\"\u003e\u003c/a\u003e [appgw\\_url\\_path\\_map](#input\\_appgw\\_url\\_path\\_map) | List of objects with URL path map configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e\u003cbr\u003e    default_backend_address_pool_name   = optional(string)\u003cbr\u003e    default_redirect_configuration_name = optional(string)\u003cbr\u003e    default_backend_http_settings_name  = optional(string)\u003cbr\u003e    default_rewrite_rule_set_name       = optional(string)\u003cbr\u003e\u003cbr\u003e    path_rules = list(object({\u003cbr\u003e      name = string\u003cbr\u003e\u003cbr\u003e      backend_address_pool_name   = optional(string)\u003cbr\u003e      backend_http_settings_name  = optional(string)\u003cbr\u003e      rewrite_rule_set_name       = optional(string)\u003cbr\u003e      redirect_configuration_name = optional(string)\u003cbr\u003e\u003cbr\u003e      paths = optional(list(string), [])\u003cbr\u003e    }))\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_appgw_redirect_configuration\"\u003e\u003c/a\u003e [appgw\\_redirect\\_configuration](#input\\_appgw\\_redirect\\_configuration) | List of objects with redirect configurations. | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e\u003cbr\u003e    redirect_type        = optional(string, \"Permanent\")\u003cbr\u003e    target_listener_name = optional(string)\u003cbr\u003e    target_url           = optional(string)\u003cbr\u003e\u003cbr\u003e    include_path         = optional(bool, true)\u003cbr\u003e    include_query_string = optional(bool, true)\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_appgw_rewrite_rule_set\"\u003e\u003c/a\u003e [appgw\\_rewrite\\_rule\\_set](#input\\_appgw\\_rewrite\\_rule\\_set) | List of rewrite rule set objects with rewrite rules. | \u003cpre\u003elist(object({\u003cbr\u003e    name = string\u003cbr\u003e    rewrite_rules = list(object({\u003cbr\u003e      name          = string\u003cbr\u003e      rule_sequence = string\u003cbr\u003e\u003cbr\u003e      conditions = optional(list(object({\u003cbr\u003e        variable    = string\u003cbr\u003e        pattern     = string\u003cbr\u003e        ignore_case = optional(bool, false)\u003cbr\u003e        negate      = optional(bool, false)\u003cbr\u003e      })), [])\u003cbr\u003e\u003cbr\u003e      response_header_configurations = optional(list(object({\u003cbr\u003e        header_name  = string\u003cbr\u003e        header_value = string\u003cbr\u003e      })), [])\u003cbr\u003e\u003cbr\u003e      request_header_configurations = optional(list(object({\u003cbr\u003e        header_name  = string\u003cbr\u003e        header_value = string\u003cbr\u003e      })), [])\u003cbr\u003e\u003cbr\u003e      url_reroute = optional(object({\u003cbr\u003e        path         = optional(string)\u003cbr\u003e        query_string = optional(string)\u003cbr\u003e        components   = optional(string)\u003cbr\u003e        reroute      = optional(bool)\u003cbr\u003e      }))\u003cbr\u003e    }))\u003cbr\u003e  }))\u003c/pre\u003e | `[]` | no |\n| \u003ca name=\"input_force_firewall_policy_association\"\u003e\u003c/a\u003e [force\\_firewall\\_policy\\_association](#input\\_force\\_firewall\\_policy\\_association) | Enable if the Firewall Policy is associated with the Application Gateway. | `bool` | `false` | no |\n| \u003ca name=\"input_waf_configuration\"\u003e\u003c/a\u003e [waf\\_configuration](#input\\_waf\\_configuration) | WAF configuration object (only available with WAF\\_v2 SKU) with following attributes:\u003cpre\u003e- enabled:                  Boolean to enable WAF.\u003cbr\u003e- file_upload_limit_mb:     The File Upload Limit in MB. Accepted values are in the range 1MB to 500MB.\u003cbr\u003e- firewall_mode:            The Web Application Firewall Mode. Possible values are Detection and Prevention.\u003cbr\u003e- max_request_body_size_kb: The Maximum Request Body Size in KB. Accepted values are in the range 1KB to 128KB.\u003cbr\u003e- request_body_check:       Is Request Body Inspection enabled ?\u003cbr\u003e- rule_set_type:            The Type of the Rule Set used for this Web Application Firewall.\u003cbr\u003e- rule_set_version:         The Version of the Rule Set used for this Web Application Firewall. Possible values are 2.2.9, 3.0, and 3.1.\u003cbr\u003e- disabled_rule_group:      The rule group where specific rules should be disabled. Accepted values can be found here: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#rule_group_name\u003cbr\u003e- exclusion:                WAF exclusion rules to exclude header, cookie or GET argument. More informations on: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#match_variable\u003c/pre\u003e | \u003cpre\u003eobject({\u003cbr\u003e    enabled                  = optional(bool, true)\u003cbr\u003e    file_upload_limit_mb     = optional(number, 100)\u003cbr\u003e    firewall_mode            = optional(string, \"Prevention\")\u003cbr\u003e    max_request_body_size_kb = optional(number, 128)\u003cbr\u003e    request_body_check       = optional(bool, true)\u003cbr\u003e    rule_set_type            = optional(string, \"OWASP\")\u003cbr\u003e    rule_set_version         = optional(string, 3.1)\u003cbr\u003e    disabled_rule_group = optional(list(object({\u003cbr\u003e      rule_group_name = string\u003cbr\u003e      rules           = optional(list(string))\u003cbr\u003e    })), [])\u003cbr\u003e    exclusion = optional(list(object({\u003cbr\u003e      match_variable          = string\u003cbr\u003e      selector                = optional(string)\u003cbr\u003e      selector_match_operator = optional(string)\u003cbr\u003e    })), [])\u003cbr\u003e  })\u003c/pre\u003e | `{}` | no |\n| \u003ca name=\"input_disable_waf_rules_for_dev_portal\"\u003e\u003c/a\u003e [disable\\_waf\\_rules\\_for\\_dev\\_portal](#input\\_disable\\_waf\\_rules\\_for\\_dev\\_portal) | Whether to disable some WAF rules if the APIM developer portal is hosted behind this Application Gateway. See locals.tf for the documentation link. | `bool` | `false` | no |\n| \u003ca name=\"input_subnet_id\"\u003e\u003c/a\u003e [subnet\\_id](#input\\_subnet\\_id) | Subnet ID for attaching the Application Gateway. This is a mandatory field. All App Gateway must be assigned a subnet. | `string` | n/a | yes |\n| \u003ca name=\"input_user_assigned_identity_id\"\u003e\u003c/a\u003e [user\\_assigned\\_identity\\_id](#input\\_user\\_assigned\\_identity\\_id) | User assigned identity id assigned to this resource. | `string` | `null` | no |\n| \u003ca name=\"input_appgw_private\"\u003e\u003c/a\u003e [appgw\\_private](#input\\_appgw\\_private) | Boolean variable to create a private Application Gateway. When `true`, the default http listener will listen on private IP instead of the public IP. | `bool` | `false` | no |\n| \u003ca name=\"input_appgw_private_ip\"\u003e\u003c/a\u003e [appgw\\_private\\_ip](#input\\_appgw\\_private\\_ip) | Static Private IP for Application Gateway. Must be within the range of the subnet used for Application gateway. Mandatory when\u003cbr\u003e    variable `appgw_private` is set to `true`. | `string` | `null` | no |\n| \u003ca name=\"input_enable_http2\"\u003e\u003c/a\u003e [enable\\_http2](#input\\_enable\\_http2) | Whether to enable http2 or not | `bool` | `true` | no |\n| \u003ca name=\"input_autoscaling_parameters\"\u003e\u003c/a\u003e [autoscaling\\_parameters](#input\\_autoscaling\\_parameters) | Map containing autoscaling parameters. Must contain at least min\\_capacity | \u003cpre\u003eobject({\u003cbr\u003e    min_capacity = number\u003cbr\u003e    max_capacity = optional(number, 5)\u003cbr\u003e  })\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | A mapping of tags to assign to the resource. | `map(string)` | `{}` | no |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_id\"\u003e\u003c/a\u003e [id](#output\\_id) | The ID of the Application Gateway. |\n| \u003ca name=\"output_name\"\u003e\u003c/a\u003e [name](#output\\_name) | The name of the Application Gateway. |\n| \u003ca name=\"output_frontend_ip_configuration\"\u003e\u003c/a\u003e [frontend\\_ip\\_configuration](#output\\_frontend\\_ip\\_configuration) | The frontend IP configuration of the Application Gateway. |\n| \u003ca name=\"output_frontend_port\"\u003e\u003c/a\u003e [frontend\\_port](#output\\_frontend\\_port) | The frontend port of the Application Gateway. |\n| \u003ca name=\"output_backend_address_pool\"\u003e\u003c/a\u003e [backend\\_address\\_pool](#output\\_backend\\_address\\_pool) | The backend address pool of the Application Gateway. |\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaunchbynttdata%2Ftf-azurerm-module_primitive-application_gateway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flaunchbynttdata%2Ftf-azurerm-module_primitive-application_gateway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaunchbynttdata%2Ftf-azurerm-module_primitive-application_gateway/lists"}