Document Details
Configure Web App
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Detected Bias Types
powershell_heavy
missing_linux_example
windows_tools
windows_first
Summary
The documentation page demonstrates a strong Windows/PowerShell bias. All CLI/scripted examples are exclusively provided in PowerShell, with no Bash, Azure CLI, or Linux-native command equivalents. The scripting sections assume the use of PowerShell cmdlets (Get-AzApplicationGateway, Add-AzApplicationGatewayBackendAddressPool, etc.), which are primarily Windows-centric. There are no Linux shell or cross-platform CLI examples, and the only automation path shown is via PowerShell. Additionally, the 'devx-track-azurepowershell' metadata and the ordering of examples (PowerShell before any mention of CLI) reinforce this bias.
Recommendations
- Provide equivalent Azure CLI (az) examples for all PowerShell scripts, as Azure CLI is cross-platform and widely used on Linux and macOS.
- Include Bash shell script examples where appropriate, especially for tasks like DNS configuration, certificate management, and HTTP requests (e.g., using curl).
- Explicitly mention that all PowerShell scripts can be run on PowerShell Core on Linux/macOS, or clarify any Windows-only dependencies.
- Add a 'Linux/macOS' tab alongside 'PowerShell' and 'Azure portal' for each procedural section, ensuring parity in automation and scripting guidance.
- Avoid referencing only Windows tools or patterns (such as 'Invoke-WebRequest' without mentioning 'curl' or 'wget').
- Update metadata and introductory text to reflect support for cross-platform management, not just PowerShell.
Create Pull Request
Scan History
| Date | Scan | Status | Result |
|---|---|---|---|
| 2025-07-12 23:44 | #41 | cancelled |
Biased
|
| 2025-07-12 00:58 | #8 | cancelled |
 Clean
|
| 2025-07-10 05:06 | #7 | processing |
Clean
|
| 2025-07-09 23:22 | #6 | cancelled |
Clean
|
Flagged Code Snippets
# Configure Application Gateway to connect to backend using default App Service hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -PickHostNameFromBackendAddress -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpListenerName = "<name for existing http listener (without rule) to route traffic from>" $httpSettingsName = "<name for http settings to use>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to route to>" $reqRoutingRuleName = "<name for request routing rule to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get HTTP Settings: $httpListener = Get-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw $httpSettings = Get-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw $backendPool = Get-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw # Add routing rule: Add-AzApplicationGatewayRequestRoutingRule -Name $reqRoutingRuleName -ApplicationGateway $gw -RuleType Basic -BackendHttpSettings $httpSettings -HttpListener $httpListener -BackendAddressPool $backendPool # Update Application Gateway with the new routing rule: Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
# Fully qualified default domain name of the web app: $webAppFQDN = "<nameofwebapp>.azurewebsite.net" # For Application Gateway: both name, resource group and name for the backend pool to create: $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add a new Backend Pool with App Service in there: Add-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw -BackendFqdns $webAppFQDN # Update Application Gateway with the new added Backend Pool: Set-AzApplicationGateway -ApplicationGateway $gw
# Configure Application Gateway to connect to App Service using the incoming hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $customProbeName = "<name for custom health probe>" $customDomainName = "<FQDN for custom domain associated with App Service>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add custom health probe using custom domain name: Add-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw -Protocol Https -HostName $customDomainName -Path "/" -Interval 30 -Timeout 120 -UnhealthyThreshold 3 $probe = Get-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -Probe $probe -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
# Configure Application Gateway to connect to backend using default App Service hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -PickHostNameFromBackendAddress -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
# Fully qualified default domain name of the web app: $webAppFQDN = "<nameofwebapp>.azurewebsite.net" # For Application Gateway: both name, resource group and name for the backend pool to create: $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add a new Backend Pool with App Service in there: Add-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw -BackendFqdns $webAppFQDN # Update Application Gateway with the new added Backend Pool: Set-AzApplicationGateway -ApplicationGateway $gw
# Configure Application Gateway to connect to App Service using the incoming hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $customProbeName = "<name for custom health probe>" $customDomainName = "<FQDN for custom domain associated with App Service>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add custom health probe using custom domain name: Add-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw -Protocol Https -HostName $customDomainName -Path "/" -Interval 30 -Timeout 120 -UnhealthyThreshold 3 $probe = Get-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -Probe $probe -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
# This script assumes that:
# - a certificate was imported in Azure Key Vault already
# - a managed identity was assigned to Application Gateway with access to the certificate
# - there is no HTTP listener defined yet for HTTPS on port 443
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$appGwSSLCertificateName = "<name for ssl cert to be created within Application Gateway"
$appGwSSLCertificateKeyVaultSecretId = "<key vault secret id for the SSL certificate to use>"
$httpListenerName = "<name for the listener to add>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Create SSL certificate object for Application Gateway:
Add-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw -KeyVaultSecretId $appGwSSLCertificateKeyVaultSecretId
$sslCert = Get-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw
# Fetch public ip associated with Application Gateway:
$ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id
$ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId
$publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
$port = New-AzApplicationGatewayFrontendPort -Name "port_443" -Port 443
Add-AzApplicationGatewayFrontendPort -Name "port_443" -ApplicationGateway $gw -Port 443
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Https -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port -SslCertificate $sslCert
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$httpListenerName = "<name for the listener to add if not exists yet>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Check if HTTP listener on port 80 already exists:
$port = $gw.FrontendPorts | Where-Object {$_.Port -eq 80}
$listener = $gw.HttpListeners | Where-Object {$_.Protocol.ToString().ToLower() -eq "http" -and $_.FrontendPort.Id -eq $port.Id}
if ($listener -eq $null){
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Http -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
}
$customDomainName = "<FQDN for custom domain pointing to Application Gateway>" Invoke-WebRequest $customDomainName
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get ip address: $ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id $ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId $publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name Write-Host "Public ip address for Application Gateway is $($publicIp.IpAddress)" Invoke-WebRequest "http://$($publicIp.IpAddress)"
# This script assumes that:
# - a certificate was imported in Azure Key Vault already
# - a managed identity was assigned to Application Gateway with access to the certificate
# - there is no HTTP listener defined yet for HTTPS on port 443
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$appGwSSLCertificateName = "<name for ssl cert to be created within Application Gateway"
$appGwSSLCertificateKeyVaultSecretId = "<key vault secret id for the SSL certificate to use>"
$httpListenerName = "<name for the listener to add>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Create SSL certificate object for Application Gateway:
Add-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw -KeyVaultSecretId $appGwSSLCertificateKeyVaultSecretId
$sslCert = Get-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw
# Fetch public ip associated with Application Gateway:
$ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id
$ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId
$publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
$port = New-AzApplicationGatewayFrontendPort -Name "port_443" -Port 443
Add-AzApplicationGatewayFrontendPort -Name "port_443" -ApplicationGateway $gw -Port 443
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Https -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port -SslCertificate $sslCert
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$httpListenerName = "<name for the listener to add if not exists yet>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Check if HTTP listener on port 80 already exists:
$port = $gw.FrontendPorts | Where-Object {$_.Port -eq 80}
$listener = $gw.HttpListeners | Where-Object {$_.Protocol.ToString().ToLower() -eq "http" -and $_.FrontendPort.Id -eq $port.Id}
if ($listener -eq $null){
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Http -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
}
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpListenerName = "<name for existing http listener (without rule) to route traffic from>" $httpSettingsName = "<name for http settings to use>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to route to>" $reqRoutingRuleName = "<name for request routing rule to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get HTTP Settings: $httpListener = Get-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw $httpSettings = Get-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw $backendPool = Get-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw # Add routing rule: Add-AzApplicationGatewayRequestRoutingRule -Name $reqRoutingRuleName -ApplicationGateway $gw -RuleType Basic -BackendHttpSettings $httpSettings -HttpListener $httpListener -BackendAddressPool $backendPool # Update Application Gateway with the new routing rule: Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get ip address: $ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id $ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId $publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name Write-Host "Public ip address for Application Gateway is $($publicIp.IpAddress)" Invoke-WebRequest "http://$($publicIp.IpAddress)"