Document Details
Configure Web App
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Detected Bias Types
powershell_heavy
missing_linux_example
windows_tools
windows_first
Summary
The documentation page demonstrates a strong Windows bias by exclusively providing automation and CLI examples using Azure PowerShell cmdlets, with no equivalent Azure CLI (cross-platform) or Bash examples. All scripting and command-line instructions are written in PowerShell, which is most familiar to Windows users. There is no mention of Linux-native tools or workflows, and no guidance for users who prefer or require Bash or Azure CLI. The structure and examples assume a Windows-centric environment and toolset.
Recommendations
- Add equivalent Azure CLI (az) command examples for every PowerShell script block, using Bash syntax where appropriate.
- Explicitly mention that both Azure PowerShell and Azure CLI are supported, and provide guidance for users on both Windows and Linux.
- Where scripting is shown (e.g., for DNS, certificate management, backend pool configuration), provide Bash/Azure CLI alternatives alongside PowerShell.
- Avoid assuming PowerShell as the default automation tool; present both PowerShell and CLI/Bash options in parallel tabs.
- Include a note in the prerequisites or introduction clarifying that all steps can be performed on both Windows and Linux, and link to cross-platform tool installation guides.
Create Pull Request
Scan History
| Date | Scan | Status | Result |
|---|---|---|---|
| 2026-01-14 00:00 | #250 | in_progress |
Biased
|
| 2026-01-13 00:00 | #246 | completed |
Biased
|
| 2026-01-12 00:00 | #243 | cancelled |
Biased
|
| 2026-01-11 00:00 | #240 | completed |
Biased
|
| 2026-01-10 00:00 | #237 | completed |
Biased
|
| 2026-01-09 00:34 | #234 | completed |
Biased
|
| 2026-01-08 00:53 | #231 | completed |
 Clean
|
| 2026-01-06 18:15 | #225 | cancelled |
Clean
|
| 2025-08-17 00:01 | #83 | cancelled |
Clean
|
| 2025-07-13 21:37 | #48 | completed |
Biased
|
| 2025-07-09 13:09 | #3 | cancelled |
Clean
|
| 2025-07-08 04:23 | #2 | cancelled |
Biased
|
Flagged Code Snippets
# Fully qualified default domain name of the web app: $webAppFQDN = "<nameofwebapp>.azurewebsite.net" # For Application Gateway: both name, resource group and name for the backend pool to create: $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add a new Backend Pool with App Service in there: Add-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw -BackendFqdns $webAppFQDN # Update Application Gateway with the new added Backend Pool: Set-AzApplicationGateway -ApplicationGateway $gw
# This script assumes that:
# - a certificate was imported in Azure Key Vault already
# - a managed identity was assigned to Application Gateway with access to the certificate
# - there is no HTTP listener defined yet for HTTPS on port 443
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$appGwSSLCertificateName = "<name for ssl cert to be created within Application Gateway"
$appGwSSLCertificateKeyVaultSecretId = "<key vault secret id for the SSL certificate to use>"
$httpListenerName = "<name for the listener to add>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Create SSL certificate object for Application Gateway:
Add-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw -KeyVaultSecretId $appGwSSLCertificateKeyVaultSecretId
$sslCert = Get-AzApplicationGatewaySslCertificate -Name $appGwSSLCertificateName -ApplicationGateway $gw
# Fetch public ip associated with Application Gateway:
$ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id
$ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId
$publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
$port = New-AzApplicationGatewayFrontendPort -Name "port_443" -Port 443
Add-AzApplicationGatewayFrontendPort -Name "port_443" -ApplicationGateway $gw -Port 443
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Https -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port -SslCertificate $sslCert
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>"
$appGwName = "<name of the App Gateway>"
$httpListenerName = "<name for the listener to add if not exists yet>"
# Get existing Application Gateway:
$gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName
# Check if HTTP listener on port 80 already exists:
$port = $gw.FrontendPorts | Where-Object {$_.Port -eq 80}
$listener = $gw.HttpListeners | Where-Object {$_.Protocol.ToString().ToLower() -eq "http" -and $_.FrontendPort.Id -eq $port.Id}
if ($listener -eq $null){
$frontendIpConfig = $gw.FrontendIpConfigurations | Where-Object {$_.PublicIpAddress -ne $null}
Add-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw -Protocol Http -FrontendIPConfiguration $frontendIpConfig -FrontendPort $port
# Update Application Gateway with the new HTTPS listener:
Set-AzApplicationGateway -ApplicationGateway $gw
}
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpListenerName = "<name for existing http listener (without rule) to route traffic from>" $httpSettingsName = "<name for http settings to use>" $appGwBackendPoolNameForAppSvc = "<name for backend pool to route to>" $reqRoutingRuleName = "<name for request routing rule to be added>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get HTTP Settings: $httpListener = Get-AzApplicationGatewayHttpListener -Name $httpListenerName -ApplicationGateway $gw $httpSettings = Get-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw $backendPool = Get-AzApplicationGatewayBackendAddressPool -Name $appGwBackendPoolNameForAppSvc -ApplicationGateway $gw # Add routing rule: Add-AzApplicationGatewayRequestRoutingRule -Name $reqRoutingRuleName -ApplicationGateway $gw -RuleType Basic -BackendHttpSettings $httpSettings -HttpListener $httpListener -BackendAddressPool $backendPool # Update Application Gateway with the new routing rule: Set-AzApplicationGateway -ApplicationGateway $gw
$customDomainName = "<FQDN for custom domain pointing to Application Gateway>" Invoke-WebRequest $customDomainName
# Configure Application Gateway to connect to App Service using the incoming hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $customProbeName = "<name for custom health probe>" $customDomainName = "<FQDN for custom domain associated with App Service>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add custom health probe using custom domain name: Add-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw -Protocol Https -HostName $customDomainName -Path "/" -Interval 30 -Timeout 120 -UnhealthyThreshold 3 $probe = Get-AzApplicationGatewayProbeConfig -Name $customProbeName -ApplicationGateway $gw # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -Probe $probe -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
# Configure Application Gateway to connect to backend using default App Service hostname $rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" $httpSettingsName = "<name for http settings to be created>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Add HTTP Settings to use towards App Service: Add-AzApplicationGatewayBackendHttpSettings -Name $httpSettingsName -ApplicationGateway $gw -Protocol Https -Port 443 -PickHostNameFromBackendAddress -CookieBasedAffinity Disabled -RequestTimeout 30 # Update Application Gateway with the new added HTTP settings and probe: Set-AzApplicationGateway -ApplicationGateway $gw
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Check health: Get-AzApplicationGatewayBackendHealth -ResourceGroupName $rgName -Name $appGwName
$rgName = "<name of resource group for App Gateway>" $appGwName = "<name of the App Gateway>" # Get existing Application Gateway: $gw = Get-AzApplicationGateway -Name $appGwName -ResourceGroupName $rgName # Get ip address: $ipAddressResourceId = $gw.FrontendIPConfigurations.PublicIPAddress.Id $ipAddressResource = Get-AzResource -ResourceId $ipAddressResourceId $publicIp = Get-AzPublicIpAddress -ResourceGroupName $ipAddressResource.ResourceGroupName -Name $ipAddressResource.Name Write-Host "Public ip address for Application Gateway is $($publicIp.IpAddress)" Invoke-WebRequest "http://$($publicIp.IpAddress)"