Configure WAF rate liming rule for Azure Front Door endpoint

Last updated: 10/12/2019

This template configures a WAF rule for Azure Front Door to rate limit incoming traffic for a given frontend host.

This Azure Resource Manager template was created by a member of the community and not by Microsoft. Each Resource Manager template is licensed to you under a license agreement by its owner, not Microsoft. Microsoft is not responsible for Resource Manager templates provided and licensed by community members and does not screen for security, compatibility, or performance. Community Resource Manager templates are not supported under any Microsoft support program or service, and are made available AS IS without warranty of any kind.

Parameters

Parameter Name Description
wafPolicyName The name of the WAF policy
wafMode Describes if it is in detection mode or prevention mode at policy level.
rateLimitDurationInMinutes Defines rate limit duration. Default - 1 minute.
rateLimitThreshold Defines rate limit thresold.
rateLimitAction Type of Action based on the match filter. Must be Allow, Block or Log.
ipMatch The operator to be matched.

Use the template

PowerShell

New-AzResourceGroup -Name <resource-group-name> -Location <resource-group-location> #use this command when you need to create a new resource group for your deployment
New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-rate-limiting/azuredeploy.json
Install and configure Azure PowerShell

Command line

az group create --name <resource-group-name> --location <resource-group-location> #use this command when you need to create a new resource group for your deployment
az group deployment create --resource-group <my-resource-group> --template-uri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-front-door-rate-limiting/azuredeploy.json
Install and Configure the Azure Cross-Platform Command-Line Interface