Az.Network: Setting Managed RuleGroupOverride results in ApplicationGatewayFirewallUnknownRuleGroup error

[bawoodruff]

Description

Setting Managed RuleGroupOverride results in ApplicationGatewayFirewallUnknownRuleGroup error

Steps to reproduce

$DebugPreference='Continue' 
$ResourceGroup = "TestResource"
$Region = "westus"
$wafPolicySetting =
  New-AzApplicationGatewayFirewallPolicySetting `
    -Mode Prevention `
    -DisableRequestBodyCheck `
    -State Enabled

$wafOWASPRuleOverrides =
  New-AzApplicationGatewayFirewallPolicyManagedRuleGroupOverride `
    -RuleGroupName $ResourceGroup-OWASP-Override `
    -Rule $(New-AzApplicationGatewayFirewallPolicyManagedRuleOverride `
        -RuleId 920300 `
        -State Disabled)

$wafOWASPRuleSet =
  New-AzApplicationGatewayFirewallPolicyManagedRuleSet `
    -RuleSetType "OWASP" `
    -RuleSetVersion "3.0" `
    -RuleGroupOverride $wafOWASPRuleOverrides

$wafBotRuleSet =
  New-AzApplicationGatewayFirewallPolicyManagedRuleSet `
    -RuleSetType "Microsoft_BotManagerRuleSet" `
    -RuleSetVersion "0.1"

$wafManagedRule =
  New-AzApplicationGatewayFirewallPolicyManagedRule `
    -ManagedRuleSet $wafOWASPRuleSet, $wafBotRuleSet

$wafPolicy =
  New-AzApplicationGatewayFirewallPolicy `
    -Name $ResourceGroup-EmbargoPolicy `
    -ResourceGroup $ResourceGroup `
    -Location $Region `
    -ManagedRule $wafManagedRule `
    -PolicySetting $wafPolicySetting

Error Response

New-AzApplicationGatewayFirewallPolicy: 
Line |
   2 |    New-AzApplicationGatewayFirewallPolicy `
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: ApplicationGatewayFirewallUnknownRuleGroup
ErrorMessage: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
OperationID : 27c8968b-b883-4fb3-8184-a2750da6f210

Environment data

Name                           Value
----                           -----
PSVersion                      7.0.3
PSEdition                      Core
GitCommitId                    7.0.3
OS                             Darwin 19.6.0 Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Script     5.0.0                 Az                                  Core,Desk 
Script     4.7.0                 Az                                  Core,Desk 
Script     2.1.0                 Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataColle…
Script     1.9.4                 Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataColle…
Script     1.7.0                 Az.Accounts                         Core,Desk {Disable-AzDataCollection, Disable-AzContextAutosave, Enable-AzDataColle…
Script     1.1.1                 Az.Advisor                          Core,Desk {Get-AzAdvisorRecommendation, Enable-AzAdvisorRecommendation, Disable-Az…
Script     2.0.0                 Az.Aks                              Core,Desk {Get-AzAksCluster, New-AzAksCluster, Remove-AzAksCluster, Import-AzAksCr…
Script     1.3.0                 Az.Aks                              Core,Desk {Get-AzAksCluster, New-AzAksCluster, Remove-AzAksCluster, Import-AzAksCr…
Script     1.0.3                 Az.Aks                              Core,Desk {Get-AzAks, New-AzAks, Remove-AzAks, Import-AzAksCredential…}
Script     1.1.4                 Az.AnalysisServices                 Core,Desk {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-…
Script     1.1.2                 Az.AnalysisServices                 Core,Desk {Resume-AzAnalysisServicesServer, Suspend-AzAnalysisServicesServer, Get-…
Script     2.1.0                 Az.ApiManagement                    Core,Desk {Add-AzApiManagementApiToGateway, Add-AzApiManagementApiToProduct, Add-A…
Script     1.3.3                 Az.ApiManagement                    Core,Desk {Add-AzApiManagementApiToProduct, Add-AzApiManagementProductToGroup, Add…
Script     1.1.0                 Az.ApplicationInsights              Core,Desk {Get-AzApplicationInsights, New-AzApplicationInsights, Remove-AzApplicat…
Script     1.0.3                 Az.ApplicationInsights              Core,Desk {Get-AzApplicationInsights, New-AzApplicationInsights, Remove-AzApplicat…
Script     1.4.0                 Az.Automation                       Core,Desk {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup…
Script     1.3.5                 Az.Automation                       Core,Desk {Get-AzAutomationHybridWorkerGroup, Remove-AzAutomationHybridWorkerGroup…
Script     3.1.0                 Az.Batch                            Core,Desk {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKey, New-A…
Script     2.0.2                 Az.Batch                            Core,Desk {Remove-AzBatchAccount, Get-AzBatchAccount, Get-AzBatchAccountKey, New-A…
Script     2.0.0                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get…
Script     1.0.3                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get…
Script     1.0.2                 Az.Billing                          Core,Desk {Get-AzBillingInvoice, Get-AzBillingPeriod, Get-AzEnrollmentAccount, Get…
Script     1.6.0                 Az.Cdn                              Core,Desk {Get-AzCdnProfile, Get-AzCdnProfileSsoUrl, New-AzCdnProfile, Remove-AzCd…
Script     1.4.3                 Az.Cdn                              Core,Desk {Get-AzCdnProfile, Get-AzCdnProfileSsoUrl, New-AzCdnProfile, Remove-AzCd…
Script     1.4.2                 Az.Cdn                              Core,Desk {Get-AzCdnProfile, Get-AzCdnProfileSsoUrl, New-AzCdnProfile, Remove-AzCd…
Script     1.8.0                 Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-…
Script     1.6.0                 Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-…
Script     1.2.2                 Az.CognitiveServices                Core,Desk {Get-AzCognitiveServicesAccount, Get-AzCognitiveServicesAccountKey, Get-…
Script     4.6.0                 Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet,…
Script     4.4.0                 Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet,…
Script     3.3.0                 Az.Compute                          Core,Desk {Remove-AzAvailabilitySet, Get-AzAvailabilitySet, New-AzAvailabilitySet,…
Script     1.0.3                 Az.ContainerInstance                Core,Desk {New-AzContainerGroup, Get-AzContainerGroup, Remove-AzContainerGroup, Ge…
Script     2.0.0                 Az.ContainerRegistry                Core,Desk {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerReg…
Script     1.1.1                 Az.ContainerRegistry                Core,Desk {New-AzContainerRegistry, Get-AzContainerRegistry, Update-AzContainerReg…
Script     1.1.0                 Az.DataBoxEdge                      Core,Desk {Get-AzDataBoxEdgeJob, Get-AzDataBoxEdgeDevice, Invoke-AzDataBoxEdgeDevi…
Script     1.0.1                 Az.Databricks                       Core,Desk {Get-AzDatabricksVNetPeering, Get-AzDatabricksWorkspace, New-AzDatabrick…
Script     1.11.0                Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remov…
Script     1.10.1                Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remov…
Script     1.6.0                 Az.DataFactory                      Core,Desk {Set-AzDataFactoryV2, Update-AzDataFactoryV2, Get-AzDataFactoryV2, Remov…
Script     1.0.2                 Az.DataLakeAnalytics                Core,Desk {Get-AzDataLakeAnalyticsDataSource, New-AzDataLakeAnalyticsCatalogCreden…
Script     1.2.8                 Az.DataLakeStore                    Core,Desk {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdPr…
Script     1.2.6                 Az.DataLakeStore                    Core,Desk {Get-AzDataLakeStoreTrustedIdProvider, Remove-AzDataLakeStoreTrustedIdPr…
Script     1.0.0                 Az.DataShare                        Core,Desk {New-AzDataShareAccount, Get-AzDataShareAccount, Remove-AzDataShareAccou…
Script     1.1.0                 Az.DeploymentManager                Core,Desk {Get-AzDeploymentManagerArtifactSource, New-AzDeploymentManagerArtifactS…
Script     1.0.2                 Az.DeploymentManager                Core,Desk {Get-AzDeploymentManagerArtifactSource, New-AzDeploymentManagerArtifactS…
Script     2.0.0                 Az.DesktopVirtualization            Core,Desk {Disconnect-AzWvdUserSession, Get-AzWvdApplication, Get-AzWvdApplication…
Script     1.0.0                 Az.DesktopVirtualization            Core,Desk {Disconnect-AzWvdUserSession, Get-AzWvdApplication, Get-AzWvdApplication…
Script     1.0.2                 Az.DevTestLabs                      Core,Desk {Get-AzDtlAllowedVMSizesPolicy, Get-AzDtlAutoShutdownPolicy, Get-AzDtlAu…
Script     1.1.2                 Az.Dns                              Core,Desk {Get-AzDnsRecordSet, New-AzDnsRecordConfig, Remove-AzDnsRecordSet, Set-A…
Script     1.3.0                 Az.EventGrid                        Core,Desk {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-A…
Script     1.2.3                 Az.EventGrid                        Core,Desk {New-AzEventGridTopic, Get-AzEventGridTopic, Set-AzEventGridTopic, New-A…
Script     1.7.0                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespa…
Script     1.6.0                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespa…
Script     1.4.3                 Az.EventHub                         Core,Desk {New-AzEventHubNamespace, Get-AzEventHubNamespace, Set-AzEventHubNamespa…
Script     1.6.1                 Az.FrontDoor                        Core,Desk {New-AzFrontDoor, Get-AzFrontDoor, Set-AzFrontDoor, Remove-AzFrontDoor…}
Script     1.3.0                 Az.FrontDoor                        Core,Desk {New-AzFrontDoor, Get-AzFrontDoor, Set-AzFrontDoor, Remove-AzFrontDoor…}
Script     2.0.0                 Az.Functions                        Core,Desk {Get-AzFunctionApp, Get-AzFunctionAppAvailableLocation, Get-AzFunctionAp…
Script     1.0.2                 Az.Functions                        Core,Desk {Get-AzFunctionApp, Get-AzFunctionAppAvailableLocation, Get-AzFunctionAp…
Script     4.0.0                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsight…
Script     3.6.0                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsight…
Script     3.0.2                 Az.HDInsight                        Core,Desk {Get-AzHDInsightJob, New-AzHDInsightSqoopJobDefinition, Wait-AzHDInsight…
Script     1.1.0                 Az.HealthcareApis                   Core,Desk {New-AzHealthcareApisService, Remove-AzHealthcareApisService, Set-AzHeal…
Script     1.0.1                 Az.HealthcareApis                   Core,Desk {New-AzHealthcareApisService, Remove-AzHealthcareApisService, Set-AzHeal…
Script     2.6.0                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnect…
Script     2.5.0                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnect…
Script     2.0.1                 Az.IotHub                           Core,Desk {Add-AzIotHubKey, Get-AzIotHubEventHubConsumerGroup, Get-AzIotHubConnect…
Script     3.0.0                 Az.KeyVault                         Core,Desk {Add-AzManagedHsmKey, Get-AzManagedHsmKey, Remove-AzManagedHsmKey, Undo-…
Script     2.2.0                 Az.KeyVault                         Core,Desk {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaul…
Script     1.4.0                 Az.KeyVault                         Core,Desk {Add-AzKeyVaultCertificate, Update-AzKeyVaultCertificate, Stop-AzKeyVaul…
Script     1.0.0                 Az.Kusto                            Core,Desk {Add-AzKustoClusterLanguageExtension, Add-AzKustoDatabasePrincipal, Get-…
Script     1.3.2                 Az.LogicApp                         Core,Desk {Get-AzIntegrationAccountAgreement, Get-AzIntegrationAccountAssembly, Ge…
Script     1.1.3                 Az.MachineLearning                  Core,Desk {Move-AzMlCommitmentAssociation, Get-AzMlCommitmentAssociation, Get-AzMl…
Script     1.1.0                 Az.Maintenance                      Core,Desk {Get-AzApplyUpdate, Get-AzConfigurationAssignment, Get-AzMaintenanceConf…
Script     2.0.0                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, New-AzManagedServicesAssignment, Remov…
Script     1.1.0                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, New-AzManagedServicesAssignment, Remov…
Script     1.0.2                 Az.ManagedServices                  Core,Desk {Get-AzManagedServicesAssignment, New-AzManagedServicesAssignment, Remov…
Script     1.0.2                 Az.MarketplaceOrdering              Core,Desk {Get-AzMarketplaceTerms, Set-AzMarketplaceTerms}
Script     1.1.1                 Az.Media                            Core,Desk {Sync-AzMediaServiceStorageKey, Set-AzMediaServiceKey, Get-AzMediaServic…
Script     2.2.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogPro…
Script     2.1.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogPro…
Script     1.5.0                 Az.Monitor                          Core,Desk {Get-AzMetricDefinition, Get-AzMetric, Remove-AzLogProfile, Get-AzLogPro…
Script     4.1.0                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGat…
Script     3.4.0                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGat…
Script     2.2.1                 Az.Network                          Core,Desk {Add-AzApplicationGatewayAuthenticationCertificate, Get-AzApplicationGat…
Script     1.1.1                 Az.NotificationHubs                 Core,Desk {Get-AzNotificationHub, Get-AzNotificationHubAuthorizationRule, Get-AzNo…
Script     2.3.0                 Az.OperationalInsights              Core,Desk {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalI…
Script     1.3.4                 Az.OperationalInsights              Core,Desk {New-AzOperationalInsightsAzureActivityLogDataSource, New-AzOperationalI…
Script     1.3.1                 Az.PolicyInsights                   Core,Desk {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzP…
Script     1.1.4                 Az.PolicyInsights                   Core,Desk {Get-AzPolicyEvent, Get-AzPolicyState, Get-AzPolicyStateSummary, Get-AzP…
Script     1.1.2                 Az.PowerBIEmbedded                  Core,Desk {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, …
Script     1.1.1                 Az.PowerBIEmbedded                  Core,Desk {Remove-AzPowerBIWorkspaceCollection, Get-AzPowerBIWorkspaceCollection, …
Script     1.0.3                 Az.PrivateDns                       Core,Desk {Get-AzPrivateDnsZone, Remove-AzPrivateDnsZone, Set-AzPrivateDnsZone, Ne…
Script     1.0.2                 Az.PrivateDns                       Core,Desk {Get-AzPrivateDnsZone, Remove-AzPrivateDnsZone, Set-AzPrivateDnsZone, Ne…
Script     3.0.0                 Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-…
Script     2.12.1                Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-…
Script     2.4.0                 Az.RecoveryServices                 Core,Desk {Get-AzRecoveryServicesBackupProperty, Get-AzRecoveryServicesVault, Get-…
Script     1.4.0                 Az.RedisCache                       Core,Desk {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-Az…
Script     1.2.1                 Az.RedisCache                       Core,Desk {Remove-AzRedisCachePatchSchedule, New-AzRedisCacheScheduleEntry, Get-Az…
Script     1.0.3                 Az.Relay                            Core,Desk {New-AzRelayNamespace, Get-AzRelayNamespace, Set-AzRelayNamespace, Remov…
Script     3.0.0                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment,…
Script     2.5.1                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment,…
Script     1.9.1                 Az.Resources                        Core,Desk {Get-AzProviderOperation, Remove-AzRoleAssignment, Get-AzRoleAssignment,…
Script     1.4.1                 Az.ServiceBus                       Core,Desk {New-AzServiceBusNamespace, Get-AzServiceBusNamespace, Set-AzServiceBusN…
Script     2.2.0                 Az.ServiceFabric                    Core,Desk {Add-AzServiceFabricClientCertificate, Add-AzServiceFabricClusterCertifi…
Script     2.0.1                 Az.ServiceFabric                    Core,Desk {Add-AzServiceFabricClientCertificate, Add-AzServiceFabricClusterCertifi…
Script     1.2.0                 Az.SignalR                          Core,Desk {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey…}
Script     1.1.1                 Az.SignalR                          Core,Desk {New-AzSignalR, Get-AzSignalR, Get-AzSignalRKey, New-AzSignalRKey…}
Script     2.11.1                Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparen…
Script     2.10.0                Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparen…
Script     2.1.2                 Az.Sql                              Core,Desk {Get-AzSqlDatabaseTransparentDataEncryption, Get-AzSqlDatabaseTransparen…
Script     1.1.0                 Az.SqlVirtualMachine                Core,Desk {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlVM, Remove-AzSqlVM…}
Script     1.0.2                 Az.SqlVirtualMachine                Core,Desk {New-AzSqlVM, Get-AzSqlVM, Update-AzSqlVM, Remove-AzSqlVM…}
Script     3.0.0                 Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, Ne…
Script     2.6.0                 Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, Ne…
Script     1.11.0                Az.Storage                          Core,Desk {Get-AzStorageAccount, Get-AzStorageAccountKey, New-AzStorageAccount, Ne…
Script     1.3.0                 Az.StorageSync                      Core,Desk {Invoke-AzStorageSyncCompatibilityCheck, New-AzStorageSyncService, Get-A…
Script     1.2.2                 Az.StorageSync                      Core,Desk {Invoke-AzStorageSyncCompatibilityCheck, New-AzStorageSyncService, Get-A…
Script     1.0.1                 Az.StreamAnalytics                  Core,Desk {Get-AzStreamAnalyticsFunction, Get-AzStreamAnalyticsDefaultFunctionDefi…
Script     1.0.0                 Az.Support                          Core,Desk {Get-AzSupportService, Get-AzSupportProblemClassification, Get-AzSupport…
Script     1.0.4                 Az.TrafficManager                   Core,Desk {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCust…
Script     1.0.3                 Az.TrafficManager                   Core,Desk {Add-AzTrafficManagerCustomHeaderToEndpoint, Remove-AzTrafficManagerCust…
Script     2.0.0                 Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remov…
Script     1.11.0                Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remov…
Script     1.5.1                 Az.Websites                         Core,Desk {Get-AzAppServicePlan, Set-AzAppServicePlan, New-AzAppServicePlan, Remov…

    Directory: /usr/local/microsoft/powershell/7/Modules

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Manifest   1.2.5                 Microsoft.PowerShell.Archive        Desk      {Compress-Archive, Expand-Archive}
Manifest   7.0.0.0               Microsoft.PowerShell.Host           Core      {Start-Transcript, Stop-Transcript}
Manifest   7.0.0.0               Microsoft.PowerShell.Management     Core      {Add-Content, Clear-Content, Clear-ItemProperty, Join-Path…}
Manifest   7.0.0.0               Microsoft.PowerShell.Security       Core      {Get-Credential, Get-ExecutionPolicy, Set-ExecutionPolicy, ConvertFrom-S…
Manifest   7.0.0.0               Microsoft.PowerShell.Utility        Core      {Export-Alias, Get-Alias, Import-Alias, New-Alias…}
Script     1.4.7                 PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     2.2.4.1               PowerShellGet                       Desk      {Find-Command, Find-DSCResource, Find-Module, Find-RoleCapability…}
Script     2.0.5                 PSDesiredStateConfiguration         Core      {Configuration, New-DscChecksum, Get-DscResource, Invoke-DscResource}
Script     2.0.2                 PSReadLine                          Desk      {Get-PSReadLineKeyHandler, Set-PSReadLineKeyHandler, Remove-PSReadLineKe…
Binary     2.0.3                 ThreadJob                           Desk      Start-ThreadJob

Debug output

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://management.azure.com/subscriptions/<subscription id>/resourceGroups/TestResource/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/TestResource-EmbargoPolicy?api-version=2020-06-01

Headers:
x-ms-client-request-id        : 65faf393-8b54-4b39-baba-19948c51cd0f
Accept-Language               : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
NotFound

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-failure-cause            : gateway
x-ms-request-id               : 6089ee9f-3e33-4f9a-9991-aacaea91b069
x-ms-correlation-request-id   : 6089ee9f-3e33-4f9a-9991-aacaea91b069
x-ms-routing-request-id       : WESTUS2:20201029T191803Z:6089ee9f-3e33-4f9a-9991-aacaea91b069
Strict-Transport-Security     : max-age=31536000; includeSubDomains
X-Content-Type-Options        : nosniff
Date                          : Thu, 29 Oct 2020 19:18:03 GMT

Body:
{
  "error": {
    "code": "ResourceNotFound",
    "message": "The Resource 'Microsoft.Network/applicationGatewayWebApplicationFirewallPolicies/TestResource-EmbargoPolicy' under resource group 'TestResource' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"
  }
}

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
PUT

Absolute Uri:
https://management.azure.com/subscriptions/<removed subscription id>/resourceGroups/TestResource/providers/Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies/TestResource-EmbargoPolicy?api-version=2020-06-01

Headers:
x-ms-client-request-id        : 9e3f5b92-44ab-41de-ab81-f600c8429b3a
Accept-Language               : en-US

Body:
{
  "properties": {
    "policySettings": {
      "state": "Enabled",
      "mode": "Prevention",
      "requestBodyCheck": false,
      "maxRequestBodySizeInKb": 128,
      "fileUploadLimitInMb": 100
    },
    "customRules": [],
    "managedRules": {
      "exclusions": [],
      "managedRuleSets": [
        {
          "ruleSetType": "OWASP",
          "ruleSetVersion": "3.0",
          "ruleGroupOverrides": [
            {
              "ruleGroupName": "TestResource-OWASP-Override",
              "rules": [
                {
                  "ruleId": "920300",
                  "state": "Disabled"
                }
              ]
            }
          ]
        },
        {
          "ruleSetType": "Microsoft_BotManagerRuleSet",
          "ruleSetVersion": "0.1",
          "ruleGroupOverrides": []
        }
      ]
    }
  },
  "location": "westus"
}

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Cache-Control                 : no-cache
Pragma                        : no-cache
x-ms-request-id               : fd36e498-93b5-48ad-901d-fe17ed46a08a
x-ms-correlation-request-id   : 91c421a8-b7fb-4ea4-8966-b62890d2ae7e
x-ms-arm-service-request-id   : 3889aec5-c10a-4e3f-9ccc-125b891e81ce
Strict-Transport-Security     : max-age=31536000; includeSubDomains
Server                        : Microsoft-HTTPAPI/2.0,Microsoft-HTTPAPI/2.0
x-ms-ratelimit-remaining-subscription-writes: 1199
x-ms-routing-request-id       : WESTUS2:20201029T191805Z:91c421a8-b7fb-4ea4-8966-b62890d2ae7e
X-Content-Type-Options        : nosniff
Date                          : Thu, 29 Oct 2020 19:18:04 GMT

Body:
{
  "error": {
    "code": "ApplicationGatewayFirewallUnknownRuleGroup",
    "message": "RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.",
    "details": []
  }
}

New-AzApplicationGatewayFirewallPolicy: 
Line |
   2 |    New-AzApplicationGatewayFirewallPolicy `
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: ApplicationGatewayFirewallUnknownRuleGroup
ErrorMessage: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
OperationID : fd36e498-93b5-48ad-901d-fe17ed46a08a
DEBUG: AzureQoSEvent: CommandName - New-AzApplicationGatewayFirewallPolicy; IsSuccess - False; Duration - 00:00:01.6138003;; Exception - Microsoft.Azure.Commands.Network.Common.NetworkCloudException: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
StatusCode: 400
ReasonPhrase: Bad Request
ErrorCode: ApplicationGatewayFirewallUnknownRuleGroup
ErrorMessage: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
OperationID : fd36e498-93b5-48ad-901d-fe17ed46a08a
 ---> Microsoft.Rest.Azure.CloudException: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
   at Microsoft.Azure.Management.Network.WebApplicationFirewallPoliciesOperations.CreateOrUpdateWithHttpMessagesAsync(String resourceGroupName, String policyName, WebApplicationFirewallPolicy parameters, Dictionary`2 customHeaders, CancellationToken cancellationToken)
   at Microsoft.Azure.Management.Network.WebApplicationFirewallPoliciesOperationsExtensions.CreateOrUpdateAsync(IWebApplicationFirewallPoliciesOperations operations, String resourceGroupName, String policyName, WebApplicationFirewallPolicy parameters, CancellationToken cancellationToken)
   at Microsoft.Azure.Management.Network.WebApplicationFirewallPoliciesOperationsExtensions.CreateOrUpdate(IWebApplicationFirewallPoliciesOperations operations, String resourceGroupName, String policyName, WebApplicationFirewallPolicy parameters)
   at Microsoft.Azure.Commands.Network.NewAzureApplicationGatewayFirewallPolicyCommand.CreateApplicationGatewayFirewallPolicy()
   at Microsoft.Azure.Commands.Network.NewAzureApplicationGatewayFirewallPolicyCommand.<>c__DisplayClass36_0.<Execute>b__0()
   at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ConfirmAction(Boolean force, String continueMessage, String processMessage, String target, Action action, Func`1 useShouldContinue)
   at Microsoft.Azure.Commands.Network.NewAzureApplicationGatewayFirewallPolicyCommand.Execute()
   at Microsoft.Azure.Commands.Network.NetworkBaseCmdlet.ExecuteCmdlet()
   --- End of inner exception stack trace ---
   at Microsoft.Azure.Commands.Network.NetworkBaseCmdlet.ExecuteCmdlet()
   at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord();
DEBUG: Finish sending metric.
DEBUG: 12:18:05 PM - NewAzureApplicationGatewayFirewallPolicyCommand end processing.

Error output

   HistoryId: 85

RequestId      : 
Message        : RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in context ''.
                 StatusCode: 400
                 ReasonPhrase: Bad Request
                 ErrorCode: ApplicationGatewayFirewallUnknownRuleGroup
                 ErrorMessage: RuleGroup 'TestResource-OWASP-Override' cannot be configured since it does not exist for Application Gateway Firewall in 
                 context ''.
                 OperationID : fd36e498-93b5-48ad-901d-fe17ed46a08a
ServerMessage  : 
ServerResponse : 
RequestMessage : 
InvocationInfo : {New-AzApplicationGatewayFirewallPolicy}
Line           :   New-AzApplicationGatewayFirewallPolicy `

Position       : At line:2 char:3
                 +   New-AzApplicationGatewayFirewallPolicy `
                 +   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
StackTrace     :    at Microsoft.Azure.Commands.Network.NetworkBaseCmdlet.ExecuteCmdlet()
                    at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
HistoryId      : 85

[bawoodruff]

User error -- wrong group name, should be REQUEST-920-PROTOCOL-ENFORCEMENT