Function New-AppTierApplicationPool {
<#
.SYNOPSIS
    Ensure an IIS application pool exists and assign its execution account.
    TODO: This function should be deprecated as of April 2021

.DESCRIPTION
    Looks up IIS:\AppPools\<AppPoolName>. When the pool is missing it is created with
    New-WebAppPool and then configured through Set-AlkamiWebAppPoolConfiguration.
    Afterwards the pool's processModel is pointed at the supplied account, unless the
    credential's user name is the literal placeholder "REPLACEME", in which case the
    identity is left untouched and a warning is written.

    Security note: without -IsGMSAAccount the password is pulled out of the PSCredential
    via Get-PasswordFromCredential and handed to Set-ItemProperty as part of processModel.
    NOTE(review): that helper presumably returns the password in clear text - confirm.
    With -IsGMSAAccount no password is read or written by this function. The password is
    not included in any of the messages this function writes.

.PARAMETER AppPoolName
    [string] The name of the application pool.

.PARAMETER Credential
    [PSCredential] The account the application pool should run as.

.PARAMETER IsGMSAAccount
    [Switch] Set when the credential refers to a gMSA account; only the user name is applied.

.INPUTS
    AppPoolName and Credential are required.

.OUTPUTS
    Nothing on the success pipeline (results of the IIS cmdlets are discarded).
    Diagnostic information is reported through Write-Host, Write-Verbose and Write-Warning.

.EXAMPLE
    New-AppTierApplicationPool -AppPoolName BankService -Credential $serviceCredential -IsGMSAAccount

    Creates the BankService pool if needed and runs it as the gMSA named in $serviceCredential.
#>
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true, Position=0)]
        [string]$AppPoolName,

        # TODO: cbrand - 2019-08-19 - Replace the -Credential parameter with a call to
        #   (Get-AppServiceAccountName $appPool.WebAppName) if we will only use gMSA accounts,
        #   or just embed that lookup below. See also New-AppTierApplicationPools.
        # This is to support SDK where we can use the same value without passing anything in
        #   for $username. That function knows how to support SDK username lookups.
        # We just need to do the right thing here when the username is blank
        #   (run as the default IISApplication user identity).
        # This almost certainly means we should consider a downgrade strategy where we take
        #   away the assigned app pool identity too.
        [Parameter(Mandatory=$true, Position=1)]
        [PSCredential]$Credential,

        [Parameter(Mandatory=$false, Position=2)]
        [switch]$IsGMSAAccount
    )

    process {
        $logLead = Get-LogLeadName
        $poolPath = Join-Path -Path "IIS:\AppPools" -ChildPath $AppPoolName

        # A failed lookup is silenced on purpose: "no item" is the signal to create the pool.
        $poolExists = $null -ne (Get-Item $poolPath -ErrorAction SilentlyContinue)
        if (-not $poolExists) {
            Write-Verbose "$logLead : Application Pool Not Found - $AppPoolName"
            $null = New-WebAppPool -Name $AppPoolName
            $null = Set-AlkamiWebAppPoolConfiguration $AppPoolName
            Write-Host "$logLead : Application Pool Created - $AppPoolName"
        }

        # "REPLACEME" is treated as "no real account supplied" (presumably an unfilled
        # configuration placeholder - confirm). -eq on strings is case-insensitive.
        if ($Credential.UserName -eq "REPLACEME") {
            Write-Warning "$logLead : Value read as REPLACEME.  AppPool $AppPoolName user will not be updated"
            return
        }

        Write-Host "$logLead : Setting Application Pool Execution Account on $AppPoolName"

        # identitytype 3 is SpecificUser in the IIS processModel identityType enumeration.
        if ($IsGMSAAccount) {
            # gMSA is the expected case: only the account name is written.
            $processModel = @{userName=$Credential.UserName;identitytype=3}
        }
        else {
            # Exceptional case: a regular account, so the password has to be supplied too.
            # The value lives in $processModel only for the duration of this call; keep it
            # out of any logging added here later.
            $processModel = @{userName=$Credential.UserName;Password=(Get-PasswordFromCredential $Credential);identitytype=3}
        }

        $null = Set-ItemProperty $poolPath -name processModel -value $processModel
    }
}