Merge pull request #202699 from vhorne/waf-cli-tut

update to use waf policy

Author: PRMerger13

articles/web-application-firewall/ag/tutorial-restrict-web-traffic-cli.md

@@ -4,7 +4,7 @@ description: Learn how to restrict web traffic with a Web Application Firewall o
 services: web-application-firewall
 author: vhorne
 ms.service: web-application-firewall
-ms.date: 03/29/2021
+ms.date: 06/23/2022
 ms.author: victorh
 ms.topic: how-to 
 ms.custom: devx-track-azurecli
@@ -66,11 +66,17 @@ az network public-ip create \
   --sku Standard
 ```
 
-## Create an application gateway with a WAF
+## Create an application gateway with a WAF policy
 
 You can use [az network application-gateway create](/cli/azure/network/application-gateway) to create the application gateway named *myAppGateway*. When you create an application gateway using the Azure CLI, you specify configuration information, such as capacity, sku, and HTTP settings. The application gateway is assigned to *myAGSubnet* and *myAGPublicIPAddress*.
 
 ```azurecli-interactive
+az network application-gateway waf-policy create \
+  --name waf-pol \
+  --resource-group myResourceGroupAG \
+  --type OWASP \
+  --version 3.2
+
 az network application-gateway create \
   --name myAppGateway \
   --location eastus \
@@ -83,14 +89,9 @@ az network application-gateway create \
   --frontend-port 80 \
   --http-settings-port 80 \
   --http-settings-protocol Http \
-  --public-ip-address myAGPublicIPAddress
-
-az network application-gateway waf-config set \
-  --enabled true \
-  --gateway-name myAppGateway \
-  --resource-group myResourceGroupAG \
-  --firewall-mode Detection \
-  --rule-set-version 3.0
+  --public-ip-address myAGPublicIPAddress \
+  --waf-policy waf-pol \
+  --priority 1
 ```
 
 It may take several minutes for the application gateway to be created. After the application gateway is created, you can see these new features of it: