Configure WAF rate liming rule for Azure Front Door endpoint

Last updated: 12/10/2019

This template configures a WAF rule for Azure Front Door to rate limit incoming traffic for a given frontend host.

This Azure Resource Manager (ARM) template was created by a member of the community and not by Microsoft. Each ARM template is licensed to you under a licence agreement by its owner, not Microsoft. Microsoft is not responsible for ARM templates provided and licensed by community members and does not screen for security, compatibility or performance. Community ARM templates are not supported under any Microsoft support programme or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
wafPolicyName The name of the WAF policy
wafMode Describes if it is in detection mode or prevention mode at policy level.
rateLimitDurationInMinutes Defines rate limit duration. Default - 1 minute.
rateLimitThreshold Defines rate limit thresold.
rateLimitAction Type of Action based on the match filter. Must be Allow, Block or Log.
ipMatch The operator to be matched.

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-rate-limiting/azuredeploy.json
Installing and configuring Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-rate-limiting/azuredeploy.json
Installing and configuring the Azure cross-platform command-line interface