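## Cert Secret

```powershell
# Attach a Key Vault-backed TLS certificate to an Application Gateway through a
# user-assigned managed identity, so no PFX file or password is handled here.

# Set Variables
$AppGWname = "MyApplicationGateway"
$RG = "MyResourceGroup"
$KV = "MyKeyVault"
$CertName = "CertificateName"
$ManagedID = "MyManagedIdentity"
$SubscriptionID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

# Get the Application Gateway we want to modify
$AppGw = Get-AzApplicationGateway -Name $AppGWname -ResourceGroupName $RG

# Specify the resource id to the user assigned managed identity - This can be found
# by going to the properties of the managed identity.
# The gateway reads the certificate as this identity, so the identity needs read
# ("Get") access to secrets on the vault and nothing broader. Note that the path
# below assumes the identity lives in the same resource group as the gateway ($RG).
Set-AzApplicationGatewayIdentity -ApplicationGateway $AppGw -UserAssignedIdentityId "/subscriptions/$SubscriptionID/resourceGroups/$RG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/$ManagedID"

# Get the secret ID from Key Vault
$Secret = Get-AzKeyVaultSecret -VaultName $KV -Name $CertName

# Stop here if nothing came back: without this check the .Replace() call below
# fails with a null-reference error that hides the real cause.
if (-not $Secret) {
    throw "Secret '$CertName' was not returned from Key Vault '$KV' (missing, or the caller cannot read it)."
}

# Remove the secret version so AppGW will use the latest version in future syncs.
# A versioned ID would pin the gateway to this exact certificate, and a renewed
# certificate would not be picked up.
$SecretId = $Secret.Id.Replace($Secret.Version, "")

# Specify the secret ID from Key Vault
Add-AzApplicationGatewaySslCertificate -KeyVaultSecretId $SecretId -ApplicationGateway $AppGw -Name $Secret.Name

# Commit the changes to the Application Gateway (nothing above is applied until this runs)
Set-AzApplicationGateway -ApplicationGateway $AppGw
```

## SSL Configuration

```powershell
$AppGWname = "MyApplicationGateway"
$RG = "MyResourceGroup"

$AppGw = Get-AzApplicationGateway -Name $AppGWname -ResourceGroupName $RG

# Apply a predefined TLS policy to the gateway. The protocol versions and cipher
# suites a predefined policy allows can be reviewed beforehand with
# Get-AzApplicationGatewaySslPredefinedPolicy -Name "AppGwSslPolicy20220101".
Set-AzApplicationGatewaySslPolicy -PolicyType Predefined -PolicyName "AppGwSslPolicy20220101" -ApplicationGateway $AppGw

# Commit the change; the result is captured so the full gateway object is not printed
$SetGW = Set-AzApplicationGateway -ApplicationGateway $AppGw
```

## List Certs

```powershell
$AppGWname = "MyApplicationGateway"
$RG = "MyResourceGroup"

$AppGw = Get-AzApplicationGateway -Name $AppGWname -ResourceGroupName $RG
$Certs = Get-AzApplicationGatewaySslCertificate -ApplicationGateway $AppGw

# Show each certificate with its Key Vault reference. An empty KeyVaultSecretId
# means the certificate was uploaded to the gateway directly rather than
# referenced from Key Vault; an ID that includes a version is pinned to that version.
$Certs | Select-Object Name, KeyVaultSecretId
```

## Remove Certs from App Gateway

```powershell
$AppGWname = "MyApplicationGateway"
$RG = "MyResourceGroup"

$AppGw = Get-AzApplicationGateway -Name $AppGWname -ResourceGroupName $RG

# This removes only the gateway's reference to the certificate; the secret in
# Key Vault is untouched. Re-point or remove any HTTPS listener that still uses
# this certificate first, otherwise expect the commit below to be rejected.
Remove-AzApplicationGatewaySslCertificate -ApplicationGateway $AppGw -Name "CertificateName"

# Commit the removal to the Application Gateway
Set-AzApplicationGateway -ApplicationGateway $AppGw
```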