Azure Web Application Firewall: WAF config versus WAF policy - Microsoft Tech Community
What is Web Application Firewall (WAF) config?
WAF config is the built-in method to configure WAF on Azure Application Gateway, and it is local to each individual Azure Application Gateway resource. When you create an Azure Application Gateway with either the WAF or the WAF_v2 SKU, you will see a new item on the menu blade called "Web application firewall" that displays WAF configuration options.
The biggest drawback of using WAF config is that not all WAF settings are displayed in the portal UI. For example, you cannot configure or manage custom rules in the portal: you must use PowerShell or Azure CLI for that. Additionally, WAF config is a setting within an Azure Application Gateway resource. For this reason, each WAF config must be managed individually, and its configuration applies globally for everything within that specific Azure Application Gateway resource. WAF config does not exist on Azure Front Door.