AzPolicyAdvertizer

last sync: 2025-Oct-31 18:22:59 UTC

Application Gateway should be deployed with WAF enabled

Azure Landing Zones (ALZ) Policy definition

Source Repository Azure Landing Zones (ALZ) GitHub
JSON Deny-AppGW-Without-WAF
Deploy policy Deny-AppGW-Without-WAF (1.0.0) to Azure
Display name Application Gateway should be deployed with WAF enabled
Id Deny-AppGW-Without-WAF
Version 1.0.0
Details on versioning
Category Network
Description This policy enables you to restrict that Application Gateways is always deployed with WAF enabled
Cloud environments AzureChinaCloud
AzureCloud
AzureUSGovernment
Mode Indexed
Type Custom Azure Landing Zones (ALZ)
Preview False
Deprecated False
Effect Default
Deny
Allowed
Audit, Deny, Disabled
RBAC role(s) none
Rule aliases IF (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Network/applicationGateways/sku.name Microsoft.Network applicationGateways properties.sku.name True True
Rule resource types IF (1)
Microsoft.Network/applicationGateways
Initiatives usage none
History none
JSON compare n/a
JSON
EPAC
Deploy policy Deny-AppGW-Without-WAF (1.0.0) to Azure