Azure Application Gateway pricing: how to model L7 load balancer costs

L7 gateway bills usually scale with time, traffic processed, and sometimes requests. The main mistake is to budget only "one gateway" without modeling traffic and log volume (or missing peak windows).

Application Gateway pricing inputs

  • Gateway hours: base hourly charges.
  • Capacity units: throughput and new connections.
  • Data processed: GB/month through the gateway.

0) Define the gateway scope

  • Environments: prod + staging + dev (hours multiply quickly).
  • Public vs private: internet-facing gateways often have meaningful egress and WAF/log exposure.
  • Baseline vs peak: gateways are designed for peaks; cost and reliability both depend on peak behavior.

1) Time (gateway-hours)

Start with the number of gateways and hours per month. If you run multiple regions or multiple environments, model them separately.

2) Requests and response sizes (traffic processed)

Request volume and response sizes determine traffic processed. If you only know RPS, convert to monthly requests, then estimate average response size to get GB/month.

Tools: RPS to monthly requests, Response transfer.

3) Data transfer (egress)

If the gateway sends data to the internet, outbound transfer is often billed separately and can dominate cost for high-bandwidth apps. Keep CDN bandwidth separate from origin egress if you front the gateway with a CDN.

Tool: Data egress cost calculator.

4) WAF and logging (the "second bill")

If WAF and access logs are enabled, model them separately. WAF is request-driven; logs are volume-driven (GB ingested + retention + query scans). During incidents, both can spike.

Tools: Log cost, Request-based pricing.

Worked estimate template (copy/paste)

  • Gateway baseline = gateways * hours/month
  • Requests/month = baseline + peak (include retries)
  • GB/month = requests/month * avg response size (GB)
  • Logs = (bytes/request) * requests/month + retention + query scans

Common pitfalls

  • Estimating only average traffic and missing peak spikes (deploys, incidents, bots).
  • Ignoring retry storms that multiply requests and logs.
  • Double-counting CDN bandwidth and origin egress as the same GB.
  • Turning on verbose access logs without retention and sampling guardrails.
  • Budgeting prod only and forgetting staging/dev gateways.

How to validate the estimate

  • Validate peak vs average RPS/GB (capacity and cost depend on peaks).
  • Validate response sizes by sampling your largest endpoints separately.
  • Confirm whether WAF and access logs are enabled and what retention window applies.

Related tools

Requests Transfer Egress Logs

Sources

Related guides

API Gateway vs ALB vs CloudFront cost: what to compare (requests, transfer, add-ons)
A practical cost comparison of API Gateway, Application Load Balancer (ALB), and CloudFront. Compare request pricing, data transfer, caching impact, WAF, logs, and the hidden line items that change the answer.
Azure API Management pricing: model requests, transfer, and log volume
A practical API Management estimate: request volume, response transfer, and logs/observability. Includes a checklist to validate retries, payload size, and usage tiers.
Azure Front Door pricing: model requests, bandwidth, and origin traffic
A practical Azure Front Door cost model: edge bandwidth, request volume, logging, and origin traffic (cache fill). Includes a checklist to validate hit rate and avoid double-counting egress.
Azure Load Balancer pricing: L4 traffic and data processing model
A practical cost model for Azure Load Balancer: hours, data processed, and egress boundaries. Includes a workflow to estimate GB processed from RPS and payload size, plus a validation checklist for peaks and retries.
Azure Key Vault pricing: estimate operations, keys/secrets, and request spikes
A practical Key Vault cost model: baseline objects (keys/secrets/certs) plus operation volume. Includes a workflow to map traffic to Key Vault calls and validate caching, retries, and hot-path mistakes.
Azure NAT Gateway cost: model hours, GB processed, and the real spike drivers
A practical Azure NAT Gateway estimate: hourly baseline, GB processed, and the common multipliers (retries, image pulls, dependency storms). Includes a validation checklist and cost-reduction levers.

Related calculators

Log Cost Calculator
Estimate total log costs: ingestion, storage, and scan/search.
Log Ingestion Cost Calculator
Estimate monthly log ingestion cost from GB/day or from event rate and $/GB pricing.
Log Retention Storage Cost Calculator
Estimate retained log storage cost from GB/day, retention days, and $/GB-month pricing.
Log Search Scan Cost Calculator
Estimate monthly scan charges from GB scanned per day and $/GB pricing.
RPS to Monthly Requests Calculator
Estimate monthly request volume from RPS, hours/day, and utilization.
API Request Cost Calculator
Estimate request-based charges from monthly requests and $ per million.

FAQ

What usually drives Application Gateway cost?
Gateway-hours are the baseline, but traffic processed and request volume (plus WAF and logging) often decide the real bill.
How do I estimate quickly?
Start with hours plus expected request rate and response size to estimate monthly GB. Add separate estimates for WAF and logs if enabled.
How do I validate?
Validate peak traffic vs average, validate retry storms, and confirm whether WAF and access logs are enabled (and retained).
Last updated: 2026-02-07