From cea39ae6b90021d40b90862797c7c30b02adc0eb Mon Sep 17 00:00:00 2001
From: PJ <prjelesi@microsoft.com>
Date: Fri, 5 Jul 2024 12:45:47 +0200
Subject: [PATCH 1/2] App gateway - policy id

---
 waf/azurerm_application_gateway.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/waf/azurerm_application_gateway.go b/waf/azurerm_application_gateway.go
index d86c664..99cf109 100644
--- a/waf/azurerm_application_gateway.go
+++ b/waf/azurerm_application_gateway.go
@@ -23,3 +23,12 @@ func (wf WafRules) AzurermApplicationGatewaySku() *attrvalue.SimpleRule[string]
 		"",
 	)
 }
+
+func (wf WafRules) AzurermApplicationGatewayFirewall() *attrvalue.UnknownValueRule {
+	return attrvalue.NewUnknownValueRule(
+		"azurerm_application_gateway",
+		"firewall_policy_id",
+		"https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#enable-web-application-firewall-policies",
+		"",
+	)
+}

From 6cc7d486e556526f2c9ee08232d10d9a16174334 Mon Sep 17 00:00:00 2001
From: PJ <prjelesi@microsoft.com>
Date: Fri, 5 Jul 2024 13:31:17 +0200
Subject: [PATCH 2/2] https on incoming connections

---
 waf/azurerm_application_gateway.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/waf/azurerm_application_gateway.go b/waf/azurerm_application_gateway.go
index 99cf109..48f9b34 100644
--- a/waf/azurerm_application_gateway.go
+++ b/waf/azurerm_application_gateway.go
@@ -32,3 +32,15 @@ func (wf WafRules) AzurermApplicationGatewayFirewall() *attrvalue.UnknownValueRu
 		"",
 	)
 }
+
+func (wf WafRules) AzurermApplicationGatewayListenerHttps() *attrvalue.SimpleRule[string] {
+	return attrvalue.NewSimpleNestedBlockRule[string](
+		"azurerm_application_gateway",
+		"http_listener",
+		"protocol",
+		[]string{"https", "HTTPS", "Https"},
+		"https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#secure-all-incoming-connections-with-ssl",
+		false,
+		"",
+	)
+}