diff --git a/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json b/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json new file mode 100644 index 000000000..0eceb2783 --- /dev/null +++ b/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "23ac19cb-5eff-4cfa-9817-93466e1a94f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AVS privateClouds DiskUsedPercentage Alert", + "description": "Policy to Audit/Deploy AVS privateClouds DiskUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AVS", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DiskUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AVS/privateClouds/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DiskUsedPercentage-threshold-Override_'), field('tags._amba-DiskUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DiskUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AVS privateClouds DiskUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DiskUsedPercentage", + "metricNamespace": "Microsoft.AVS/privateClouds", + "metricName": "DiskUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DiskUsedPercentage-threshold-Override_'), field('tags._amba-DiskUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json b/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json new file mode 100644 index 000000000..e9060e0ba --- /dev/null +++ b/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9f2fe91-023a-443c-b376-b12f0cd5d965", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AVS privateClouds UsageAverage Alert", + "description": "Policy to Audit/Deploy AVS privateClouds UsageAverage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AVS", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsageAverage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AVS/privateClouds/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsageAverage-threshold-Override_'), field('tags._amba-UsageAverage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsageAverage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AVS privateClouds UsageAverage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsageAverage", + "metricNamespace": "Microsoft.AVS/privateClouds", + "metricName": "UsageAverage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsageAverage-threshold-Override_'), field('tags._amba-UsageAverage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json b/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json new file mode 100644 index 000000000..179b983be --- /dev/null +++ b/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0289bc11-db65-4a58-91ed-fda8637322ec", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AnalysisServices servers memory_metric Alert", + "description": "Policy to Audit/Deploy AnalysisServices servers memory_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AnalysisServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AnalysisServices/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_metric-threshold-Override_'), field('tags._amba-memory_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AnalysisServices servers memory_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_metric", + "metricNamespace": "Microsoft.AnalysisServices/servers", + "metricName": "memory_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_metric-threshold-Override_'), field('tags._amba-memory_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json b/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json new file mode 100644 index 000000000..c611fd385 --- /dev/null +++ b/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea6a4d59-822f-4fb7-a29d-69e523e95bdb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AnalysisServices servers qpu_metric Alert", + "description": "Policy to Audit/Deploy AnalysisServices servers qpu_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AnalysisServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "qpu_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AnalysisServices/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-qpu_metric-threshold-Override_'), field('tags._amba-qpu_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-qpu_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AnalysisServices servers qpu_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "qpu_metric", + "metricNamespace": "Microsoft.AnalysisServices/servers", + "metricName": "qpu_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-qpu_metric-threshold-Override_'), field('tags._amba-qpu_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json b/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json new file mode 100644 index 000000000..fc1e8e8bb --- /dev/null +++ b/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fd5d63e0-ab2f-4300-af65-05bf2e490d0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service BackendDuration Alert", + "description": "Policy to Audit/Deploy ApiManagement service BackendDuration Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendDuration" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendDuration-threshold-Override_'), field('tags._amba-BackendDuration-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendDuration')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service BackendDuration", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendDuration", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "BackendDuration", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendDuration-threshold-Override_'), field('tags._amba-BackendDuration-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json b/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json new file mode 100644 index 000000000..def262160 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6b1dd1ae-05de-43d2-bdea-7981c49127fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Capacity Alert", + "description": "Policy to Audit/Deploy ApiManagement service Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Capacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Capacity-threshold-Override_'), field('tags._amba-Capacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Capacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Capacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Capacity", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Capacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Capacity-threshold-Override_'), field('tags._amba-Capacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json b/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json new file mode 100644 index 000000000..bd57105cd --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "52cd4aba-4ad0-402a-880d-ba625ebcf37f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Duration Alert", + "description": "Policy to Audit/Deploy ApiManagement service Duration Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Duration" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Duration-threshold-Override_'), field('tags._amba-Duration-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Duration')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Duration", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Duration", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Duration", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Duration-threshold-Override_'), field('tags._amba-Duration-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json b/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json new file mode 100644 index 000000000..d11991450 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1f8626fe-812a-48a7-b237-2f9181a5ea12", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service FailedRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service FailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service FailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FailedRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "FailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json b/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json new file mode 100644 index 000000000..72a06f00a --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e16fd84-d92f-44ee-8191-ff47e90a9526", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Requests Alert", + "description": "Policy to Audit/Deploy ApiManagement service Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Requests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Requests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Requests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Requests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Requests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json b/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json new file mode 100644 index 000000000..b6fcf6dc5 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service TotalRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json b/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json new file mode 100644 index 000000000..62508ff3a --- /dev/null +++ b/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0c3e784-f488-43a6-a423-18dbb444d443", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service UnauthorizedRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service UnauthorizedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnauthorizedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnauthorizedRequests-threshold-Override_'), field('tags._amba-UnauthorizedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnauthorizedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service UnauthorizedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnauthorizedRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "UnauthorizedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnauthorizedRequests-threshold-Override_'), field('tags._amba-UnauthorizedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json b/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json new file mode 100644 index 000000000..6016ca481 --- /dev/null +++ b/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "94ae53cd-6e3b-47f5-9709-9c2e10eae6d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps Replicas Alert", + "description": "Policy to Audit/Deploy App containerApps Replicas Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Replicas" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Replicas-threshold-Override_'), field('tags._amba-Replicas-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Replicas')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps Replicas", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Replicas", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "Replicas", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Replicas-threshold-Override_'), field('tags._amba-Replicas-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json b/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json new file mode 100644 index 000000000..7ad684b10 --- /dev/null +++ b/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b12cad96-7ef2-4223-97f4-53b3dc64ecfa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps RestartCount Alert", + "description": "Policy to Audit/Deploy App containerApps RestartCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RestartCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RestartCount-threshold-Override_'), field('tags._amba-RestartCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RestartCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps RestartCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RestartCount", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "RestartCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RestartCount-threshold-Override_'), field('tags._amba-RestartCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json b/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json new file mode 100644 index 000000000..e63b094f3 --- /dev/null +++ b/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9e1306a-a541-423f-a69e-bd37f8f5013a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps UsageNanoCores Alert", + "description": "Policy to Audit/Deploy App containerApps UsageNanoCores Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsageNanoCores" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsageNanoCores-threshold-Override_'), field('tags._amba-UsageNanoCores-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsageNanoCores')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps UsageNanoCores", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsageNanoCores", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "UsageNanoCores", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsageNanoCores-threshold-Override_'), field('tags._amba-UsageNanoCores-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json b/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json new file mode 100644 index 000000000..8c5768ca4 --- /dev/null +++ b/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "423b4280-1f68-49d8-b11a-6a816b0d9172", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps WorkingSetBytes Alert", + "description": "Policy to Audit/Deploy App containerApps WorkingSetBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkingSetBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkingSetBytes-threshold-Override_'), field('tags._amba-WorkingSetBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkingSetBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps WorkingSetBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkingSetBytes", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "WorkingSetBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkingSetBytes-threshold-Override_'), field('tags._amba-WorkingSetBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json b/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json new file mode 100644 index 000000000..df4055b81 --- /dev/null +++ b/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0be9dd7c-ae7f-41f7-b3a6-844e64059b73", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AppConfiguration configurationStores ThrottledHttpRequestCount Alert", + "description": "Policy to Audit/Deploy AppConfiguration configurationStores ThrottledHttpRequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AppConfiguration", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AppConfiguration/configurationStores" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AppConfiguration/configurationStores" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledHttpRequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AppConfiguration/configurationStores/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledHttpRequestCount-threshold-Override_'), field('tags._amba-ThrottledHttpRequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledHttpRequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AppConfiguration configurationStores ThrottledHttpRequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledHttpRequestCount", + "metricNamespace": "Microsoft.AppConfiguration/configurationStores", + "metricName": "ThrottledHttpRequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledHttpRequestCount-threshold-Override_'), field('tags._amba-ThrottledHttpRequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json b/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json new file mode 100644 index 000000000..240fb9675 --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "74e0e3b4-62aa-4503-b05d-c5c79a029ed6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation Account TotalJob Alert", + "description": "Policy to Audit/Deploy Automation Account TotalJob Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalJob" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalJob')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalJob", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalJob", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalJob", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json new file mode 100644 index 000000000..45446cb6b --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49e7f58f-4910-4d2f-8589-573e8a65c6dd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation automationAccounts TotalUpdateDeploymentMachineRuns Alert", + "description": "Policy to Audit/Deploy Automation automationAccounts TotalUpdateDeploymentMachineRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalUpdateDeploymentMachineRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalUpdateDeploymentMachineRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalUpdateDeploymentMachineRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalUpdateDeploymentMachineRuns", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalUpdateDeploymentMachineRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json new file mode 100644 index 000000000..b2484391b --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c521bf0d-efec-4d3a-8541-d8749915bfd4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation automationAccounts TotalUpdateDeploymentRuns Alert", + "description": "Policy to Audit/Deploy Automation automationAccounts TotalUpdateDeploymentRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalUpdateDeploymentRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalUpdateDeploymentRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalUpdateDeploymentRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalUpdateDeploymentRuns", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalUpdateDeploymentRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json b/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json new file mode 100644 index 000000000..ff06cc183 --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b40fdb04-cada-4870-80f3-317afc57e5fb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts OfflineNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts OfflineNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OfflineNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OfflineNodeCount-threshold-Override_'), field('tags._amba-OfflineNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OfflineNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts OfflineNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OfflineNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "OfflineNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OfflineNodeCount-threshold-Override_'), field('tags._amba-OfflineNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json b/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json new file mode 100644 index 000000000..58c0d594d --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8ce7d791-41a5-4d6a-9516-b009eabbd8f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts PreemptedNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts PreemptedNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PreemptedNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PreemptedNodeCount-threshold-Override_'), field('tags._amba-PreemptedNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PreemptedNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts PreemptedNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PreemptedNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "PreemptedNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PreemptedNodeCount-threshold-Override_'), field('tags._amba-PreemptedNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json b/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json new file mode 100644 index 000000000..1cc45e9fa --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f49539ff-35b1-4d83-8541-e3cf49b383e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts RebootingNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts RebootingNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RebootingNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RebootingNodeCount-threshold-Override_'), field('tags._amba-RebootingNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RebootingNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts RebootingNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RebootingNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "RebootingNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RebootingNodeCount-threshold-Override_'), field('tags._amba-RebootingNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json b/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json new file mode 100644 index 000000000..d228f081b --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "70b8ce6d-0d28-4997-84df-957791877eec", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts TaskFailEvent Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts TaskFailEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TaskFailEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TaskFailEvent-threshold-Override_'), field('tags._amba-TaskFailEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TaskFailEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts TaskFailEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TaskFailEvent", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "TaskFailEvent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TaskFailEvent-threshold-Override_'), field('tags._amba-TaskFailEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json b/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json new file mode 100644 index 000000000..c5389f205 --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6c9857e4-7d6b-4384-80da-b88a2e6858ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts UnusableNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts UnusableNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnusableNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnusableNodeCount-threshold-Override_'), field('tags._amba-UnusableNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnusableNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts UnusableNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnusableNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "UnusableNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnusableNodeCount-threshold-Override_'), field('tags._amba-UnusableNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json b/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json new file mode 100644 index 000000000..2b3f21643 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af750dfc-62e5-4b74-9514-ca419d800590", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allconnectedclients Alert", + "description": "Policy to Audit/Deploy Cache Redis allconnectedclients Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "128" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allconnectedclients" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allconnectedclients-threshold-Override_'), field('tags._amba-allconnectedclients-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allconnectedclients')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allconnectedclients", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allconnectedclients", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allconnectedclients", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allconnectedclients-threshold-Override_'), field('tags._amba-allconnectedclients-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json b/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json new file mode 100644 index 000000000..a34c8f780 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "24c5276b-77b1-48ab-a8c1-15844b11e0aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allpercentprocessortime Alert", + "description": "Policy to Audit/Deploy Cache Redis allpercentprocessortime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allpercentprocessortime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allpercentprocessortime-threshold-Override_'), field('tags._amba-allpercentprocessortime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allpercentprocessortime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allpercentprocessortime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allpercentprocessortime", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allpercentprocessortime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allpercentprocessortime-threshold-Override_'), field('tags._amba-allpercentprocessortime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json b/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json new file mode 100644 index 000000000..bd147f44a --- /dev/null +++ b/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7072ba94-41d2-4584-89ab-a5824ed045f4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allserverLoad Alert", + "description": "Policy to Audit/Deploy Cache Redis allserverLoad Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allserverLoad" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allserverLoad-threshold-Override_'), field('tags._amba-allserverLoad-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allserverLoad')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allserverLoad", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allserverLoad", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allserverLoad", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allserverLoad-threshold-Override_'), field('tags._amba-allserverLoad-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json b/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json new file mode 100644 index 000000000..1e611ace2 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9ffe52a-f430-4605-a2b1-d815eb1bcc56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allusedmemorypercentage Alert", + "description": "Policy to Audit/Deploy Cache Redis allusedmemorypercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allusedmemorypercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allusedmemorypercentage-threshold-Override_'), field('tags._amba-allusedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allusedmemorypercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allusedmemorypercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allusedmemorypercentage", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allusedmemorypercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allusedmemorypercentage-threshold-Override_'), field('tags._amba-allusedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json b/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json new file mode 100644 index 000000000..d2df94a8c --- /dev/null +++ b/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "82cb3ad7-d44f-4131-9078-5aac82d3333a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis cacheLatency Alert", + "description": "Policy to Audit/Deploy Cache Redis cacheLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cacheLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cacheLatency-threshold-Override_'), field('tags._amba-cacheLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cacheLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis cacheLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cacheLatency", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "cacheLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cacheLatency-threshold-Override_'), field('tags._amba-cacheLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json b/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json new file mode 100644 index 000000000..574b056a7 --- /dev/null +++ b/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cc764431-e1b0-4455-94b1-b66d32cc54b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis cacheRead Alert", + "description": "Policy to Audit/Deploy Cache Redis cacheRead Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "46875000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cacheRead" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cacheRead-threshold-Override_'), field('tags._amba-cacheRead-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cacheRead')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis cacheRead", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cacheRead", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "cacheRead", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cacheRead-threshold-Override_'), field('tags._amba-cacheRead-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json b/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json new file mode 100644 index 000000000..eebbba55f --- /dev/null +++ b/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis connectedclients Alert", + "description": "Policy to Audit/Deploy Cache Redis connectedclients Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "850" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connectedclients" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connectedclients-threshold-Override_'), field('tags._amba-connectedclients-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connectedclients')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis connectedclients", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connectedclients", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "connectedclients", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connectedclients-threshold-Override_'), field('tags._amba-connectedclients-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json b/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json new file mode 100644 index 000000000..ecae12c9e --- /dev/null +++ b/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "24b37318-9353-4424-9d8e-ac28450328b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis errors Alert", + "description": "Policy to Audit/Deploy Cache Redis errors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "errors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-errors-threshold-Override_'), field('tags._amba-errors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-errors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis errors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "errors", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "errors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-errors-threshold-Override_'), field('tags._amba-errors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json b/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json new file mode 100644 index 000000000..cd9d137c9 --- /dev/null +++ b/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8d5df17c-a5b7-4cf1-a01e-f9d8625297a6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis percentProcessorTime Alert", + "description": "Policy to Audit/Deploy Cache Redis percentProcessorTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "percentProcessorTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-percentProcessorTime-threshold-Override_'), field('tags._amba-percentProcessorTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-percentProcessorTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis percentProcessorTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "percentProcessorTime", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "percentProcessorTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-percentProcessorTime-threshold-Override_'), field('tags._amba-percentProcessorTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json b/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json new file mode 100644 index 000000000..3e0a018ff --- /dev/null +++ b/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "837ecf42-3f25-41ae-b97d-34193f0669da", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis serverLoad Alert", + "description": "Policy to Audit/Deploy Cache Redis serverLoad Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverLoad" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverLoad-threshold-Override_'), field('tags._amba-serverLoad-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverLoad')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis serverLoad", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverLoad", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "serverLoad", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverLoad-threshold-Override_'), field('tags._amba-serverLoad-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json b/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json new file mode 100644 index 000000000..cc86641cb --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1b68776d-4d11-4d27-96c5-4d51cf17e1fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemoryRss Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemoryRss Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "11000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemoryRss" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemoryRss-threshold-Override_'), field('tags._amba-usedmemoryRss-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemoryRss')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemoryRss", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemoryRss", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemoryRss", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemoryRss-threshold-Override_'), field('tags._amba-usedmemoryRss-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json b/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json new file mode 100644 index 000000000..8066e883e --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aecc75bf-f961-4c22-86e9-84c5039a2938", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemory Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemory-threshold-Override_'), field('tags._amba-usedmemory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemory", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemory", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemory-threshold-Override_'), field('tags._amba-usedmemory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json b/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json new file mode 100644 index 000000000..9290f392c --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d6c4011c-f4e6-4b12-b6e6-9486eab0fecc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemorypercentage Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemorypercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemorypercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemorypercentage-threshold-Override_'), field('tags._amba-usedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemorypercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemorypercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemorypercentage", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemorypercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemorypercentage-threshold-Override_'), field('tags._amba-usedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json b/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json new file mode 100644 index 000000000..d5faf03b2 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5e8aaa27-e5b3-4774-9807-af61ec96b001", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles ByteHitRatio Alert", + "description": "Policy to Audit/Deploy Cdn profiles ByteHitRatio Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ByteHitRatio" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ByteHitRatio-threshold-Override_'), field('tags._amba-ByteHitRatio-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ByteHitRatio')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles ByteHitRatio", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ByteHitRatio", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "ByteHitRatio", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ByteHitRatio-threshold-Override_'), field('tags._amba-ByteHitRatio-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json b/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json new file mode 100644 index 000000000..23dbe9c48 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c42138d4-bb4c-4171-8802-ba44d671d72f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles OriginHealthPercentage Alert", + "description": "Policy to Audit/Deploy Cdn profiles OriginHealthPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OriginHealthPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OriginHealthPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles OriginHealthPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OriginHealthPercentage", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "OriginHealthPercentage", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json b/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json new file mode 100644 index 000000000..17accc153 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c47441d4-7061-4acd-8ad8-69e52d00557c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles Percentage5XX Alert", + "description": "Policy to Audit/Deploy Cdn profiles Percentage5XX Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage5XX" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage5XX-threshold-Override_'), field('tags._amba-Percentage5XX-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage5XX')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles Percentage5XX", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage5XX", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "Percentage5XX", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage5XX-threshold-Override_'), field('tags._amba-Percentage5XX-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json b/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json new file mode 100644 index 000000000..b56c0ab10 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cf6babc2-f623-4f12-a352-c30a02bcb6c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles RequestCount Alert", + "description": "Policy to Audit/Deploy Cdn profiles RequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles RequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestCount", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "RequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json b/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json new file mode 100644 index 000000000..8a06b3b8c --- /dev/null +++ b/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5fb9c4bf-3799-44e0-bd75-656d1cfa26d2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles TotalLatency Alert", + "description": "Policy to Audit/Deploy Cdn profiles TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json b/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json new file mode 100644 index 000000000..2668f125b --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "87fe8679-655d-4acb-a37c-b7faebe26d47", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts BlockedCalls Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts BlockedCalls Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlockedCalls" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlockedCalls-threshold-Override_'), field('tags._amba-BlockedCalls-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlockedCalls')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts BlockedCalls", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlockedCalls", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "BlockedCalls", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlockedCalls-threshold-Override_'), field('tags._amba-BlockedCalls-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json b/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json new file mode 100644 index 000000000..182b2e6b5 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ec8c928a-5206-4059-8aea-8486004dd30d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts ClientErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts ClientErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientErrors-threshold-Override_'), field('tags._amba-ClientErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts ClientErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "ClientErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientErrors-threshold-Override_'), field('tags._amba-ClientErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json b/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json new file mode 100644 index 000000000..bcaeaad6e --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d76ab40a-2831-4fa2-b476-5fdcda3d7c4c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts Latency Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts Latency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Latency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Latency-threshold-Override_'), field('tags._amba-Latency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Latency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts Latency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Latency", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "Latency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Latency-threshold-Override_'), field('tags._amba-Latency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json b/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json new file mode 100644 index 000000000..5991d717f --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3c550d9c-8276-4a61-b0cf-ef437a55e299", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts ServerErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json b/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json new file mode 100644 index 000000000..edccae1ed --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "80f3c9ae-7da9-462f-ab44-2ff80d27c8f1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts SuccessRate Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts SuccessRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessRate-threshold-Override_'), field('tags._amba-SuccessRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts SuccessRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessRate", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "SuccessRate", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessRate-threshold-Override_'), field('tags._amba-SuccessRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json b/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json new file mode 100644 index 000000000..dab79b7df --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "287a29bf-097d-4c4a-9ac5-df70a10f6903", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TokenTransaction Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TokenTransaction Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "180000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TokenTransaction" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TokenTransaction-threshold-Override_'), field('tags._amba-TokenTransaction-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TokenTransaction')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TokenTransaction", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TokenTransaction", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TokenTransaction", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TokenTransaction-threshold-Override_'), field('tags._amba-TokenTransaction-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json b/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json new file mode 100644 index 000000000..7acc9abe5 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "07f1ae0a-94f3-41da-b3a6-ca9188e416cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TotalCalls Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TotalCalls Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalCalls" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalCalls-threshold-Override_'), field('tags._amba-TotalCalls-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalCalls')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TotalCalls", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalCalls", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TotalCalls", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalCalls-threshold-Override_'), field('tags._amba-TotalCalls-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json b/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json new file mode 100644 index 000000000..969535e33 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e228ad2d-7f9f-4843-88e2-57f6d44c59e9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TotalErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TotalErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalErrors-threshold-Override_'), field('tags._amba-TotalErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TotalErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TotalErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalErrors-threshold-Override_'), field('tags._amba-TotalErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json b/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json new file mode 100644 index 000000000..6cc2b9dbf --- /dev/null +++ b/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e98657ed-8a0b-4992-9d20-a54e2d6065ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute cloudServices Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute cloudServices Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/cloudServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/cloudServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/cloudServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute cloudServices Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/cloudServices", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json b/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json new file mode 100644 index 000000000..d81c90fbe --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d9089d09-ddec-4f6a-8dc1-e2544e5765cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Available Memory Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Available Memory Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json b/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json new file mode 100644 index 000000000..c4e3aa393 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Data Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json b/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json new file mode 100644 index 000000000..1c44fafa6 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea8be16a-f5e9-4a8b-a1df-a8c5efff039b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Disk Read Operations/Sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json b/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json new file mode 100644 index 000000000..f9403404c --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dce1cda8-1dab-4941-b607-1d5d449709d5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Disk Write Operations/Sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json b/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json new file mode 100644 index 000000000..03ae24f54 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "86991e6e-efc9-4898-adf8-4e8e3a60c57e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Inbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Inbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Inbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Inbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Inbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Inbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Inbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json new file mode 100644 index 000000000..864d4183c --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0e94112-5509-47b6-8def-91fb5ca5d0cd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network In Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network In Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network In Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In Total", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network In Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json new file mode 100644 index 000000000..77f39c0d7 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "87dfe717-217f-4447-b59a-7ea39160b83a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network In Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network In Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In-threshold-Override_'), field('tags._amba-Network In-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network In", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network In", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In-threshold-Override_'), field('tags._amba-Network In-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json new file mode 100644 index 000000000..61fdd8c2b --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "98de2aed-3493-4e65-919b-b1f8e6995819", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network Out Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network Out Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network Out Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network Out Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network Out Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network Out Total", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network Out Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json b/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json new file mode 100644 index 000000000..52cdfc452 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "55dc79f4-5666-420f-8c53-141d73e01fee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "OS Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json b/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json new file mode 100644 index 000000000..fbcdc5d3b --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d336cfa2-724e-419a-809d-c716741d5279", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Outbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Outbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Outbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Outbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Outbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Outbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Outbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json b/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json new file mode 100644 index 000000000..e1a9daa79 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "310c2a27-8933-434e-a366-cb35831cde44", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json b/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json new file mode 100644 index 000000000..2e69bfcd7 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6cf11f1e-273a-4f42-bf9b-9310b26c1c4f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets VmAvailabilityMetric Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets VmAvailabilityMetric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VmAvailabilityMetric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VmAvailabilityMetric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets VmAvailabilityMetric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VmAvailabilityMetric", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "VmAvailabilityMetric", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json new file mode 100644 index 000000000..a94e0ed83 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0bd7c37-eb24-47c2-a032-f925594152ed", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Available Memory Bytes (MBytes) Alert", + "description": "Policy to Audit/Deploy VM Available Memory Bytes (MBytes) Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json new file mode 100644 index 000000000..7ddd99b8f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "bf1e0006-6089-4f92-a115-fc83aa0fbdd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Available Memory Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Available Memory Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json new file mode 100644 index 000000000..710a8534a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json @@ -0,0 +1,526 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_Memory_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Memory Alert", + "description": "Policy to audit/deploy VM Memory Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"|where Namespace == \"Memory\" and Name == \"AvailableMB\"| extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0| summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMMemoryAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]", + "description": "Log Alert for Virtual Machine Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"|where Namespace == \"Memory\" and Name == \"AvailableMB\"| extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0| summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json b/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json new file mode 100644 index 000000000..5c254113b --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a407ae10-6263-449c-81b9-172760d6dc6d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines CPU Credits Consumed Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines CPU Credits Consumed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU Credits Consumed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU Credits Consumed-threshold-Override_'), field('tags._amba-CPU Credits Consumed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU Credits Consumed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines CPU Credits Consumed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU Credits Consumed", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "CPU Credits Consumed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU Credits Consumed-threshold-Override_'), field('tags._amba-CPU Credits Consumed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json b/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json new file mode 100644 index 000000000..e52b372c3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "821888a1-6490-4a2d-8850-bdc45057a853", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines CPU Credits Remaining Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines CPU Credits Remaining Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU Credits Remaining" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU Credits Remaining-threshold-Override_'), field('tags._amba-CPU Credits Remaining-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU Credits Remaining')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines CPU Credits Remaining", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU Credits Remaining", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "CPU Credits Remaining", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU Credits Remaining-threshold-Override_'), field('tags._amba-CPU Credits Remaining-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json b/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json new file mode 100644 index 000000000..f51de4262 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b57b0749-f851-4c3d-b7fb-7cf26f3bf16a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json b/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json new file mode 100644 index 000000000..edf5e7fd7 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json @@ -0,0 +1,550 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskSpace_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Space Alert", + "description": "Policy to audit/deploy VM data Disk Space Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both Windows and Linux" + }, + "defaultValue": [ + "*" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskSpaceAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]", + "description": "Log Alert for Virtual Machine dataDiskSpace", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json b/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json new file mode 100644 index 000000000..139d1c3ca --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json b/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json new file mode 100644 index 000000000..52caae632 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9b0f41af-1c52-4890-a23a-3bfebfee1154", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Max Burst IOPS Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Max Burst IOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3750" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Max Burst IOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-Data Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Max Burst IOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Max Burst IOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Max Burst IOPS", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Max Burst IOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-Data Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json b/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json new file mode 100644 index 000000000..bd1583200 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "040bc9c3-da5c-4fd0-b160-979ce89364ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Queue Depth Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Queue Depth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Queue Depth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Queue Depth-threshold-Override_'), field('tags._amba-Data Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Queue Depth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Queue Depth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Queue Depth", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Queue Depth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Queue Depth-threshold-Override_'), field('tags._amba-Data Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json b/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json new file mode 100644 index 000000000..4f31b9c8f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskReadLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Read Latency Alert", + "description": "Policy to audit/deploy VM dataDiskReadLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskReadLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]", + "description": "Log Alert for Virtual Machine dataDiskReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json b/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json new file mode 100644 index 000000000..ad095d499 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3c5518ea-9a0f-44ff-b197-47b3d6db060b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Read Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json new file mode 100644 index 000000000..1ccdd7c17 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e45d685d-14c4-4422-8096-6f11d628fb20", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Write Bytes/sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Write Bytes/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Write Bytes/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-Data Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Write Bytes/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Write Bytes/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Write Bytes/sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Write Bytes/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-Data Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json new file mode 100644 index 000000000..fab58e695 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskWriteLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Write Latency Alert", + "description": "Policy to audit/deploy VM dataDiskWriteLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskWriteLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]", + "description": "Log Alert for Virtual Machine dataDiskWriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json new file mode 100644 index 000000000..4daa38dcb --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "326b359d-e0a2-4055-8e1f-f9c5f9df5599", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json b/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json new file mode 100644 index 000000000..4d3851ef3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9221998-f2bb-4ae8-b2c8-f9c4750e06f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Read Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Read Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "4000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Read Bytes-threshold-Override_'), field('tags._amba-Disk Read Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Read Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Read Bytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Read Bytes-threshold-Override_'), field('tags._amba-Disk Read Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json b/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json new file mode 100644 index 000000000..d35078ebd --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8bc489c0-d2f7-43c1-9bb7-478c9503fb2e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Read Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json b/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json new file mode 100644 index 000000000..79a479ac0 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1cc650c-24fe-4f9e-a2ec-5757816526c0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Write Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Write Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Write Bytes-threshold-Override_'), field('tags._amba-Disk Write Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Write Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Write Bytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Write Bytes-threshold-Override_'), field('tags._amba-Disk Write Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json b/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json new file mode 100644 index 000000000..74a131e05 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "edff41cb-d9b8-46ba-ba39-42747c1a4c4b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json b/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json new file mode 100644 index 000000000..47c687505 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6de4e570-4270-4e9b-949e-5680b061e7fd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Inbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Inbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Inbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Inbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Inbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Inbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Inbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json b/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json new file mode 100644 index 000000000..b40702d81 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea4501a3-1e77-4df1-ab61-3ee28ae529eb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Network In Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Network In Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Network In Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In Total", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Network In Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json b/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json new file mode 100644 index 000000000..d7f28d48b --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e2028144-b142-445c-b544-3bb438537c8f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Network Out Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Network Out Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network Out Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network Out Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Network Out Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network Out Total", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Network Out Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json b/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json new file mode 100644 index 000000000..3d6721e23 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_NetworkIn_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Network Read Alert", + "description": "Policy to audit/deploy VM Network Read Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "networkInterfacesToInclude": { + "type": "array", + "metadata": { + "displayName": "Network Interface to be included to be monitored", + "description": "Array of Network Interface to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "networkInterfacesToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMNetworkInAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]", + "description": "Log Alert for Virtual Machine NetworkIn", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "NetworkInterface", + "operator": "Include", + "values": "[[parameters('networkInterfacesToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json b/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json new file mode 100644 index 000000000..643ce24ab --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_NetworkOut_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Network Write Alert", + "description": "Policy to audit/deploy VM Network Out Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "networkInterfacesToInclude": { + "type": "array", + "metadata": { + "displayName": "Network Interface to be included to be monitored", + "description": "Array of Network Interface to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "networkInterfacesToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMNetworkOutAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", + "description": "Log Alert for Virtual Machine NetworkOut", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "NetworkInterface", + "operator": "Include", + "values": "[[parameters('networkInterfacesToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json b/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json new file mode 100644 index 000000000..5c6a218f8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f7e19635-0118-4040-83d5-2f4c2150aef1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json b/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json new file mode 100644 index 000000000..b50872ee8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskSpace_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Space Alert", + "description": "Policy to audit/deploy VM OSDiskSpace Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskSpaceAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", + "description": "Log Alert for Virtual Machine OSDiskSpace", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json b/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json new file mode 100644 index 000000000..fcbbd7041 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a2bf3c43-d327-473b-9204-f77e2a0fe398", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json b/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json new file mode 100644 index 000000000..6e6b1191f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "916dc60b-b2d2-4708-9fa4-6a36b244f499", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Max Burst IOPS Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Max Burst IOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Max Burst IOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-OS Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Max Burst IOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Max Burst IOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Max Burst IOPS", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Max Burst IOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-OS Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json b/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json new file mode 100644 index 000000000..3842d547a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "36262245-4c8a-4143-9ab4-68e9c23ae19a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Queue Depth Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Queue Depth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Queue Depth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Queue Depth-threshold-Override_'), field('tags._amba-OS Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Queue Depth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Queue Depth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Queue Depth", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Queue Depth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Queue Depth-threshold-Override_'), field('tags._amba-OS Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json b/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json new file mode 100644 index 000000000..78bd96dc8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskreadLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Read Latency Alert", + "description": "Policy to audit/deploy VM OSDiskreadLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskreadLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]", + "description": "Log Alert for Virtual Machine OSDiskreadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json new file mode 100644 index 000000000..7e0cc4fdd --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "929b095e-5ea1-48b4-bf4e-bfc1a941a908", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Write Bytes/sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Write Bytes/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "48000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Write Bytes/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-OS Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Write Bytes/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Write Bytes/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Write Bytes/sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Write Bytes/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-OS Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json new file mode 100644 index 000000000..4050ed95e --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskwriteLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Write Latency Alert", + "description": "Policy to audit/deploy VM OSDiskwriteLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskwriteLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]", + "description": "Log Alert for Virtual Machine OSDiskwriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json new file mode 100644 index 000000000..c11134b3a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3be4037a-c692-402d-843d-b3fe43053edf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-OS Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-OS Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json b/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json new file mode 100644 index 000000000..0fcf44cba --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a477bf96-4b0f-471c-b5d3-0acdb59612e6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Outbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Outbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Outbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Outbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Outbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Outbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Outbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json b/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json new file mode 100644 index 000000000..7ae621382 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9bac9fd-2382-4ce1-b68b-8898caf45038", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json b/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json new file mode 100644 index 000000000..0d716ea56 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json @@ -0,0 +1,509 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_CPU_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM CPU Alert", + "description": "Policy to audit/deploy VM CPU Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighCPUAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "1" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Processor\" and Name == \"UtilizationPercentage\"| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMCPUAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighCPUAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighCPUAlert')]", + "description": "Log Alert for Virtual Machine CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Processor\" and Name == \"UtilizationPercentage\"| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "1", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json b/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json new file mode 100644 index 000000000..9cae01ec3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb85f15b-b705-418f-b8ed-93d8cc7a9a6c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Cached Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Cached Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Cached Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Cached Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Cached Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Cached Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Cached Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json b/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json new file mode 100644 index 000000000..4918f92e7 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c878115f-2a89-446e-8980-ef4f152120c5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Cached IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Cached IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Cached IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Cached IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Cached IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Cached IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Cached IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json b/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json new file mode 100644 index 000000000..808ec8184 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e3981e7b-fd8b-4e07-bb68-d598c020c12d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Uncached Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Uncached Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Uncached Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Uncached Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Uncached Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Uncached Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Uncached Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json b/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json new file mode 100644 index 000000000..de2754c76 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "765ceb5b-ec1d-44d7-b94d-bb139030df81", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Uncached IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Uncached IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Uncached IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Uncached IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Uncached IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Uncached IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Uncached IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json b/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json new file mode 100644 index 000000000..52f05a507 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3fa5376a-705a-48e4-b314-6282a74c9f7c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VmAvailabilityMetric Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VmAvailabilityMetric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VmAvailabilityMetric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VmAvailabilityMetric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VmAvailabilityMetric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VmAvailabilityMetric", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VmAvailabilityMetric", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json b/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json new file mode 100644 index 000000000..bc907bb23 --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "970af9d6-9212-420d-af7b-4fbd790a2596", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups CpuUsage Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups CpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups CpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuUsage", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "CpuUsage", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json b/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json new file mode 100644 index 000000000..e2c8eab1c --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4758386e-12ee-411a-9e49-445b5c5c3051", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups MemoryUsage Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups MemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups MemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryUsage", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "MemoryUsage", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json new file mode 100644 index 000000000..d55b0c49a --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8beff742-9cd8-43ed-9680-57ae35bee6e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups NetworkBytesReceivedPerSecond Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups NetworkBytesReceivedPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NetworkBytesReceivedPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NetworkBytesReceivedPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups NetworkBytesReceivedPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NetworkBytesReceivedPerSecond", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "NetworkBytesReceivedPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json new file mode 100644 index 000000000..ce6cd6ebe --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5b26b965-2662-4a89-9d7e-771486357f39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups NetworkBytesTransmittedPerSecond Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups NetworkBytesTransmittedPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NetworkBytesTransmittedPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NetworkBytesTransmittedPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups NetworkBytesTransmittedPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NetworkBytesTransmittedPerSecond", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "NetworkBytesTransmittedPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json b/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json new file mode 100644 index 000000000..bb1ff6ecc --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "42995506-5bd2-4687-9316-d9399919990b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries StorageUsed Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries StorageUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries StorageUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageUsed", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "StorageUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json b/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json new file mode 100644 index 000000000..969987d16 --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa9efde4-3586-4595-a442-b7e97f70fe91", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries StorageUsed Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries StorageUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "429496729600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries StorageUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageUsed", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "StorageUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json b/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json new file mode 100644 index 000000000..7d711a072 --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8c8a846-a8d0-4e8f-b854-030955a20135", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries SuccessfulPullCount Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries SuccessfulPullCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessfulPullCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessfulPullCount-threshold-Override_'), field('tags._amba-SuccessfulPullCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessfulPullCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries SuccessfulPullCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessfulPullCount", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "SuccessfulPullCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessfulPullCount-threshold-Override_'), field('tags._amba-SuccessfulPullCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json b/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json new file mode 100644 index 000000000..08bf8cc4e --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9dca87c2-de00-40fd-b0bb-c8335e5f978a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries SuccessfulPushCount Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries SuccessfulPushCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessfulPushCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessfulPushCount-threshold-Override_'), field('tags._amba-SuccessfulPushCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessfulPushCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries SuccessfulPushCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessfulPushCount", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "SuccessfulPushCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessfulPushCount-threshold-Override_'), field('tags._amba-SuccessfulPushCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json new file mode 100644 index 000000000..0fad2e90b --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49fd8bac-d061-459d-8d80-a048c4c8ba56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cluster_autoscaler_cluster_safe_to_autoscale" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), field('tags._amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cluster_autoscaler_cluster_safe_to_autoscale')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cluster_autoscaler_cluster_safe_to_autoscale", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "cluster_autoscaler_cluster_safe_to_autoscale", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), field('tags._amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json new file mode 100644 index 000000000..5ffb329f8 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "301ca0e3-fc88-4285-be99-a2a587c412f5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cluster_autoscaler_unschedulable_pods_count" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), field('tags._amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cluster_autoscaler_unschedulable_pods_count')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cluster_autoscaler_unschedulable_pods_count", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "cluster_autoscaler_unschedulable_pods_count", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), field('tags._amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json new file mode 100644 index 000000000..6603c4ee8 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "64a872f9-5ec6-4121-acad-edd12f4c3466", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_allocatable_cpu_cores Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_allocatable_cpu_cores Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_allocatable_cpu_cores" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_allocatable_cpu_cores')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_allocatable_cpu_cores", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_allocatable_cpu_cores", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_allocatable_cpu_cores", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json new file mode 100644 index 000000000..e039de4a4 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14fa63fb-7da9-4d2e-9de9-203c4a3e0401", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_allocatable_memory_bytes Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_allocatable_memory_bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2147483648" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_allocatable_memory_bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_allocatable_memory_bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_allocatable_memory_bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_allocatable_memory_bytes", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_allocatable_memory_bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json new file mode 100644 index 000000000..746fea8f2 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ebbbbb92-5208-4d52-b407-6bea8e4473b9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_condition Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_condition Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_condition" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_condition-threshold-Override_'), field('tags._amba-kube_node_status_condition-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_condition')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_condition", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_condition", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_condition", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_condition-threshold-Override_'), field('tags._amba-kube_node_status_condition-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json new file mode 100644 index 000000000..9d1e69263 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e38e6e11-ac88-4014-98c8-8e64f70b832a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_pod_status_phase Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_pod_status_phase Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_pod_status_phase" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_pod_status_phase-threshold-Override_'), field('tags._amba-kube_pod_status_phase-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_pod_status_phase')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_pod_status_phase", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_pod_status_phase", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_pod_status_phase", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_pod_status_phase-threshold-Override_'), field('tags._amba-kube_pod_status_phase-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json new file mode 100644 index 000000000..a21b851bf --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cebf00b7-7294-4cf7-bc50-108f999d0c67", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_pod_status_ready Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_pod_status_ready Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_pod_status_ready" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_pod_status_ready-threshold-Override_'), field('tags._amba-kube_pod_status_ready-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_pod_status_ready')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_pod_status_ready", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_pod_status_ready", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_pod_status_ready", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_pod_status_ready-threshold-Override_'), field('tags._amba-kube_pod_status_ready-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json b/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json new file mode 100644 index 000000000..1459ade7b --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1303e91d-bc80-4ec2-937e-1d179fc32b43", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_cpu_usage_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_cpu_usage_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_cpu_usage_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_cpu_usage_percentage-threshold-Override_'), field('tags._amba-node_cpu_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_cpu_usage_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_cpu_usage_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_cpu_usage_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_cpu_usage_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_cpu_usage_percentage-threshold-Override_'), field('tags._amba-node_cpu_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json b/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json new file mode 100644 index 000000000..a95990fc6 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aa3c5697-5cca-4c16-a37e-94f1d580701e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_disk_usage_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_disk_usage_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_disk_usage_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_disk_usage_percentage-threshold-Override_'), field('tags._amba-node_disk_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_disk_usage_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_disk_usage_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_disk_usage_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_disk_usage_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_disk_usage_percentage-threshold-Override_'), field('tags._amba-node_disk_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json b/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json new file mode 100644 index 000000000..4606846b6 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e89e023e-117b-4db4-bfb2-853849e273f5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_memory_rss_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_memory_rss_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_memory_rss_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_memory_rss_percentage-threshold-Override_'), field('tags._amba-node_memory_rss_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_memory_rss_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_memory_rss_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_memory_rss_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_memory_rss_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_memory_rss_percentage-threshold-Override_'), field('tags._amba-node_memory_rss_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json b/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json new file mode 100644 index 000000000..c615ce8b1 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9ae2dfbf-d69b-4802-8497-8b7836bef5e9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_memory_working_set_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_memory_working_set_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_memory_working_set_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_memory_working_set_percentage-threshold-Override_'), field('tags._amba-node_memory_working_set_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_memory_working_set_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_memory_working_set_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_memory_working_set_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_memory_working_set_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_memory_working_set_percentage-threshold-Override_'), field('tags._amba-node_memory_working_set_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json b/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json new file mode 100644 index 000000000..e69e50a83 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0f19979d-9dc2-4636-8e15-435bbfa1f0f9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json b/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json new file mode 100644 index 000000000..f01bd3959 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "13bbfe6e-3b65-4940-9344-6d1cc78e7d54", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json b/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json new file mode 100644 index 000000000..fbee09521 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "faf01668-c98a-4755-ae74-9dd4151f4c39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json b/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json new file mode 100644 index 000000000..a30eb1c88 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ef38051a-d9e3-4705-b208-29a421e729be", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json b/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json new file mode 100644 index 000000000..08a5c729f --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "269d640c-b6ba-45e1-a52f-67708f9f99d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers aborted_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers aborted_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "aborted_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-aborted_connections-threshold-Override_'), field('tags._amba-aborted_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-aborted_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers aborted_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "aborted_connections", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "aborted_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-aborted_connections-threshold-Override_'), field('tags._amba-aborted_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json b/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json new file mode 100644 index 000000000..fcd8ac370 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "347674ce-8534-403d-8281-cac9ea6f412a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers active_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json b/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json new file mode 100644 index 000000000..70d0ec318 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "218161be-4952-495b-aed1-03cccda3d42f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json b/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json new file mode 100644 index 000000000..f6dbc8440 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a3601973-f48c-4bf2-8384-90d250702a79", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json b/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json new file mode 100644 index 000000000..f5f2e804a --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "757e2adf-60b8-4688-ae8f-03dd7dcd5226", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json b/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json new file mode 100644 index 000000000..1bcac7781 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfe563fc-0ec1-401d-a362-8d293a06d02b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers replication_lag Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers replication_lag Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "replication_lag" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-replication_lag-threshold-Override_'), field('tags._amba-replication_lag-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-replication_lag')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers replication_lag", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "replication_lag", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "replication_lag", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-replication_lag-threshold-Override_'), field('tags._amba-replication_lag-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json b/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json new file mode 100644 index 000000000..7030fc86b --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f285c23f-3b8e-428a-b289-8ff38a3c0e4b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers storage_limit Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers storage_limit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15000000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_limit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_limit-threshold-Override_'), field('tags._amba-storage_limit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_limit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers storage_limit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_limit", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "storage_limit", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_limit-threshold-Override_'), field('tags._amba-storage_limit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json b/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json new file mode 100644 index 000000000..e7f7cd137 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e6771f44-f6d3-4a27-a9e4-b402a79c2891", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json b/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json new file mode 100644 index 000000000..fc18387e4 --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "60453255-5e0e-4fa5-95b5-6c449bee6902", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers active_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json b/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json new file mode 100644 index 000000000..bff84b451 --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0767b27-b88b-46a1-ab90-37dc8c399358", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json b/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json new file mode 100644 index 000000000..ed8588f6f --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "173e6b88-e8a9-4763-becb-9c749878c767", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json b/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json new file mode 100644 index 000000000..9c66fd3eb --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "978944c7-a049-4847-8483-dcf5baa92f6a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json b/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json new file mode 100644 index 000000000..d35f9ddbf --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json b/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json new file mode 100644 index 000000000..80a65afde --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85466088-8eb2-4faa-81f2-1ea40d8b6953", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers seconds_behind_master Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers seconds_behind_master Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "seconds_behind_master" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-seconds_behind_master-threshold-Override_'), field('tags._amba-seconds_behind_master-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-seconds_behind_master')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers seconds_behind_master", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "seconds_behind_master", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "seconds_behind_master", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-seconds_behind_master-threshold-Override_'), field('tags._amba-seconds_behind_master-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json b/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json new file mode 100644 index 000000000..622f9564d --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af2b7bbb-9476-475a-b523-da3ee521eda7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers serverlog_storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers serverlog_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverlog_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverlog_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers serverlog_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverlog_storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "serverlog_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json b/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json new file mode 100644 index 000000000..c0707c90f --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f988eb2-c420-4ef2-82ed-2569b21b70e1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json new file mode 100644 index 000000000..94ea02427 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f9b59221-8055-449e-bfd5-7a056945c694", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers active_connections Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json new file mode 100644 index 000000000..390984dd9 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5f9cdad0-db39-48c9-a4eb-3107b5b79414", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json new file mode 100644 index 000000000..05d13952c --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "389057c9-a0e0-4327-b89f-58c3dabb519d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json new file mode 100644 index 000000000..e5c90929e --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1904dd93-9655-403f-bb89-dc42e5ebc666", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers deadlocks Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers deadlocks Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "deadlocks" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-deadlocks-threshold-Override_'), field('tags._amba-deadlocks-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-deadlocks')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers deadlocks", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "deadlocks", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "deadlocks", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-deadlocks-threshold-Override_'), field('tags._amba-deadlocks-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json new file mode 100644 index 000000000..7a6fd2bbe --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5856ad80-7256-441f-8a62-af1fdc712018", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers disk_iops_consumed_percentage Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers disk_iops_consumed_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "disk_iops_consumed_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-disk_iops_consumed_percentage-threshold-Override_'), field('tags._amba-disk_iops_consumed_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-disk_iops_consumed_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers disk_iops_consumed_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "disk_iops_consumed_percentage", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "disk_iops_consumed_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-disk_iops_consumed_percentage-threshold-Override_'), field('tags._amba-disk_iops_consumed_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json new file mode 100644 index 000000000..e1f7072f6 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers iops Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers iops Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "450" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "iops" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-iops-threshold-Override_'), field('tags._amba-iops-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-iops')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers iops", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "iops", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "iops", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-iops-threshold-Override_'), field('tags._amba-iops-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json new file mode 100644 index 000000000..a6de77037 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0ac25d8-ae08-45e1-8a1e-5204514ad7bd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers is_db_alive Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers is_db_alive Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "is_db_alive" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-is_db_alive-threshold-Override_'), field('tags._amba-is_db_alive-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-is_db_alive')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers is_db_alive", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "is_db_alive", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "is_db_alive", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-is_db_alive-threshold-Override_'), field('tags._amba-is_db_alive-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json new file mode 100644 index 000000000..e6d8ce11b --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1103b9a5-3d3d-4aa8-a3c2-66958e32c220", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers maximum_used_transactionIDs Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers maximum_used_transactionIDs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10737418240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "maximum_used_transactionIDs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-maximum_used_transactionIDs-threshold-Override_'), field('tags._amba-maximum_used_transactionIDs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-maximum_used_transactionIDs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers maximum_used_transactionIDs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "maximum_used_transactionIDs", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "maximum_used_transactionIDs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-maximum_used_transactionIDs-threshold-Override_'), field('tags._amba-maximum_used_transactionIDs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json new file mode 100644 index 000000000..59a4a717b --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0c64aa8f-4bdb-4bb0-961c-d298000536af", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json new file mode 100644 index 000000000..55d6490bb --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d389ee62-f431-4faa-a4bc-4a3d02cea182", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers storage_free Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers storage_free Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10737418240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_free" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_free-threshold-Override_'), field('tags._amba-storage_free-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_free')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers storage_free", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_free", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "storage_free", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_free-threshold-Override_'), field('tags._amba-storage_free-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json new file mode 100644 index 000000000..a1326925d --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e397645f-359b-46d1-8182-d2cabab71aae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json b/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json new file mode 100644 index 000000000..c5e1619d4 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "186c5227-a9f4-4cd0-a355-c8d28f359398", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers active_connections Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json b/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json new file mode 100644 index 000000000..4081f9654 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0a6de1a0-e4df-470f-9bc7-247838fc428c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json b/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json new file mode 100644 index 000000000..0fe2dec52 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a2b3fa9d-f7e8-4d1e-967c-3d661bc06708", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json b/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json new file mode 100644 index 000000000..e5fce1a4f --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea7248bd-f96c-4391-ac48-c95312441028", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json b/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json new file mode 100644 index 000000000..9e3f9eaf6 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1d53e3ac-e98a-426c-81f1-aa1834c49692", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json b/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json new file mode 100644 index 000000000..c5cb44dd6 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "90c0997a-f96e-4a34-87c7-c394c6e8b940", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers pg_replica_log_delay_in_seconds Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers pg_replica_log_delay_in_seconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "pg_replica_log_delay_in_seconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-pg_replica_log_delay_in_seconds-threshold-Override_'), field('tags._amba-pg_replica_log_delay_in_seconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-pg_replica_log_delay_in_seconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers pg_replica_log_delay_in_seconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "pg_replica_log_delay_in_seconds", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "pg_replica_log_delay_in_seconds", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-pg_replica_log_delay_in_seconds-threshold-Override_'), field('tags._amba-pg_replica_log_delay_in_seconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json b/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json new file mode 100644 index 000000000..62bc7278c --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "56a13163-c2b6-4235-96bd-ef1e373b19ba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers serverlog_storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers serverlog_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverlog_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverlog_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers serverlog_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverlog_storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "serverlog_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json b/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json new file mode 100644 index 000000000..752998c73 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e031f8bf-ed3f-4a41-87fe-b301c1d02367", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json b/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json new file mode 100644 index 000000000..8933ceb9b --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "980f53cb-3eef-4263-952e-e69709e2a6e7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ActivityFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories ActivityFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActivityFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActivityFailedRuns-threshold-Override_'), field('tags._amba-ActivityFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActivityFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ActivityFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActivityFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ActivityFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActivityFailedRuns-threshold-Override_'), field('tags._amba-ActivityFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json b/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json new file mode 100644 index 000000000..4e9b7cea0 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "321c2df7-c548-4e06-8729-8132b4dc3386", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ActivitySucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories ActivitySucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActivitySucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActivitySucceededRuns-threshold-Override_'), field('tags._amba-ActivitySucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActivitySucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ActivitySucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActivitySucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ActivitySucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActivitySucceededRuns-threshold-Override_'), field('tags._amba-ActivitySucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json b/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json new file mode 100644 index 000000000..6cd907b95 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08bfad59-0c23-4e6b-b577-e325f445a2cc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories FactorySizeInGbUnits Alert", + "description": "Policy to Audit/Deploy DataFactory factories FactorySizeInGbUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FactorySizeInGbUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FactorySizeInGbUnits-threshold-Override_'), field('tags._amba-FactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FactorySizeInGbUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories FactorySizeInGbUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FactorySizeInGbUnits", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "FactorySizeInGbUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FactorySizeInGbUnits-threshold-Override_'), field('tags._amba-FactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json new file mode 100644 index 000000000..c6289ec0b --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeAvailableMemory Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeAvailableMemory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeAvailableMemory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeAvailableMemory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeAvailableMemory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeAvailableMemory", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeAvailableMemory", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json new file mode 100644 index 000000000..d34defd2f --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4b40d85d-f0be-41e5-9d60-ad9a99c54a41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeAvailableNodeNumber Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeAvailableNodeNumber Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeAvailableNodeNumber" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeAvailableNodeNumber')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeAvailableNodeNumber", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeAvailableNodeNumber", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeAvailableNodeNumber", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json new file mode 100644 index 000000000..3b58b494d --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "473c5450-95cc-4f86-bb8a-d0a06edd1357", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeCpuPercentage Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeCpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeCpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), field('tags._amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeCpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeCpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeCpuPercentage", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeCpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), field('tags._amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json b/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json new file mode 100644 index 000000000..4ed737172 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "71d5d464-ae1c-4383-835f-bb7369e307ea", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories MaxAllowedFactorySizeInGbUnits Alert", + "description": "Policy to Audit/Deploy DataFactory factories MaxAllowedFactorySizeInGbUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MaxAllowedFactorySizeInGbUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), field('tags._amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MaxAllowedFactorySizeInGbUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories MaxAllowedFactorySizeInGbUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MaxAllowedFactorySizeInGbUnits", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "MaxAllowedFactorySizeInGbUnits", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), field('tags._amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json b/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json new file mode 100644 index 000000000..491809e51 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a678b284-d23b-46e4-a8fa-75bb744a53bb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories MaxAllowedResourceCount Alert", + "description": "Policy to Audit/Deploy DataFactory factories MaxAllowedResourceCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2500000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MaxAllowedResourceCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MaxAllowedResourceCount-threshold-Override_'), field('tags._amba-MaxAllowedResourceCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MaxAllowedResourceCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories MaxAllowedResourceCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MaxAllowedResourceCount", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "MaxAllowedResourceCount", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MaxAllowedResourceCount-threshold-Override_'), field('tags._amba-MaxAllowedResourceCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json b/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json new file mode 100644 index 000000000..77566fdb8 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f5e0a050-1994-4864-b2c3-a09dc77fb5b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineCancelledRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineCancelledRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineCancelledRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineCancelledRuns-threshold-Override_'), field('tags._amba-PipelineCancelledRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineCancelledRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineCancelledRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineCancelledRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineCancelledRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineCancelledRuns-threshold-Override_'), field('tags._amba-PipelineCancelledRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json b/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json new file mode 100644 index 000000000..7089db360 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "df4f3e6f-757e-4fa0-a411-b2cdf4039649", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineElapsedTimeRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineElapsedTimeRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineElapsedTimeRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineElapsedTimeRuns-threshold-Override_'), field('tags._amba-PipelineElapsedTimeRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineElapsedTimeRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineElapsedTimeRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineElapsedTimeRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineElapsedTimeRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineElapsedTimeRuns-threshold-Override_'), field('tags._amba-PipelineElapsedTimeRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json b/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json new file mode 100644 index 000000000..2bdc6552e --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2dd0b760-3235-479d-86d4-c152ca76b7e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineFailedRuns-threshold-Override_'), field('tags._amba-PipelineFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineFailedRuns-threshold-Override_'), field('tags._amba-PipelineFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json b/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json new file mode 100644 index 000000000..f22f25eb3 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47615ecc-bf5d-47e2-8c10-f8411e6c5d56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineSucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineSucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineSucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineSucceededRuns-threshold-Override_'), field('tags._amba-PipelineSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineSucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineSucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineSucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineSucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineSucceededRuns-threshold-Override_'), field('tags._amba-PipelineSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json b/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json new file mode 100644 index 000000000..a2c05ceee --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "740b104c-1ad2-4ef7-bafc-c98f22551548", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ResourceCount Alert", + "description": "Policy to Audit/Deploy DataFactory factories ResourceCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1700000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResourceCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResourceCount-threshold-Override_'), field('tags._amba-ResourceCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResourceCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ResourceCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResourceCount", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ResourceCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResourceCount-threshold-Override_'), field('tags._amba-ResourceCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json b/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json new file mode 100644 index 000000000..bda8f6e71 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5f2a0272-792a-4cdd-ba94-9f46db438a0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories SSISIntegrationRuntimeStartFailed Alert", + "description": "Policy to Audit/Deploy DataFactory factories SSISIntegrationRuntimeStartFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SSISIntegrationRuntimeStartFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), field('tags._amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SSISIntegrationRuntimeStartFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories SSISIntegrationRuntimeStartFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SSISIntegrationRuntimeStartFailed", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "SSISIntegrationRuntimeStartFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), field('tags._amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json b/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json new file mode 100644 index 000000000..07e52c70e --- /dev/null +++ b/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c30b6089-59c5-4452-b382-d33152be9b03", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories SSISPackageExecutionFailed Alert", + "description": "Policy to Audit/Deploy DataFactory factories SSISPackageExecutionFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SSISPackageExecutionFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SSISPackageExecutionFailed-threshold-Override_'), field('tags._amba-SSISPackageExecutionFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SSISPackageExecutionFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories SSISPackageExecutionFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SSISPackageExecutionFailed", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "SSISPackageExecutionFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SSISPackageExecutionFailed-threshold-Override_'), field('tags._amba-SSISPackageExecutionFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json b/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json new file mode 100644 index 000000000..d79bfa883 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c7bde49-f0c2-4a07-b150-5dc9464fcf29", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories TriggerFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories TriggerFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerFailedRuns-threshold-Override_'), field('tags._amba-TriggerFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories TriggerFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "TriggerFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerFailedRuns-threshold-Override_'), field('tags._amba-TriggerFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json b/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json new file mode 100644 index 000000000..d780f1968 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8286cfa-9f86-4309-954b-ef69a6d8982d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories TriggerSucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories TriggerSucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerSucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerSucceededRuns-threshold-Override_'), field('tags._amba-TriggerSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerSucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories TriggerSucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerSucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "TriggerSucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerSucceededRuns-threshold-Override_'), field('tags._amba-TriggerSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json b/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json new file mode 100644 index 000000000..6e7842538 --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d78fc655-68ca-4877-ac60-7fc805f1ae94", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs dailyMessageQuotaUsed Alert", + "description": "Policy to Audit/Deploy Devices IotHubs dailyMessageQuotaUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "360000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dailyMessageQuotaUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dailyMessageQuotaUsed-threshold-Override_'), field('tags._amba-dailyMessageQuotaUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dailyMessageQuotaUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs dailyMessageQuotaUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dailyMessageQuotaUsed", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "dailyMessageQuotaUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dailyMessageQuotaUsed-threshold-Override_'), field('tags._amba-dailyMessageQuotaUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json b/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json new file mode 100644 index 000000000..de4d27a90 --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d5a028d1-ae0e-4349-8a79-630f891c8235", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.egress.dropped Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.egress.dropped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.egress.dropped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.egress.dropped-threshold-Override_'), field('tags._amba-d2c.telemetry.egress.dropped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.egress.dropped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.egress.dropped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.egress.dropped", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.egress.dropped", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.egress.dropped-threshold-Override_'), field('tags._amba-d2c.telemetry.egress.dropped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json b/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json new file mode 100644 index 000000000..cd46fc0ef --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "65deae31-85e8-477a-b17e-50d2d10cd7b0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.ingress.sendThrottle Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.ingress.sendThrottle Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.ingress.sendThrottle" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.ingress.sendThrottle')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.ingress.sendThrottle", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.ingress.sendThrottle", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.ingress.sendThrottle", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json b/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json new file mode 100644 index 000000000..ac547ef9f --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85de8003-c1d8-4cd1-80b5-e125399ef293", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.ingress.success Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.ingress.success Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "24000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.ingress.success" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.success-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.success-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.ingress.success')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.ingress.success", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.ingress.success", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.ingress.success", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.success-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.success-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json b/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json new file mode 100644 index 000000000..c1ecaeb86 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0914c189-0adc-45d6-8704-d2ae73b9b7b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts DataUsage Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts DataUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2147483648" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DataUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DataUsage-threshold-Override_'), field('tags._amba-DataUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DataUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts DataUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DataUsage", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "DataUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DataUsage-threshold-Override_'), field('tags._amba-DataUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json b/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json new file mode 100644 index 000000000..078ad3d83 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3f30e3aa-7e17-4eaf-a437-a420f5a23bf2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts MongoRequests Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts MongoRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MongoRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MongoRequests-threshold-Override_'), field('tags._amba-MongoRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MongoRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts MongoRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MongoRequests", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "MongoRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MongoRequests-threshold-Override_'), field('tags._amba-MongoRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json b/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json new file mode 100644 index 000000000..7b36699a4 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9bae539a-12ed-46e2-b105-101ce036c9a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts NormalizedRUConsumption Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts NormalizedRUConsumption Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NormalizedRUConsumption" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NormalizedRUConsumption-threshold-Override_'), field('tags._amba-NormalizedRUConsumption-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NormalizedRUConsumption')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts NormalizedRUConsumption", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NormalizedRUConsumption", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "NormalizedRUConsumption", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NormalizedRUConsumption-threshold-Override_'), field('tags._amba-NormalizedRUConsumption-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json b/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json new file mode 100644 index 000000000..39c6429bf --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0cb53be3-76b5-44be-9f32-bcc821be34b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts OfflineRegion Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts OfflineRegion Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OfflineRegion" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OfflineRegion-threshold-Override_'), field('tags._amba-OfflineRegion-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OfflineRegion')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts OfflineRegion", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OfflineRegion", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "OfflineRegion", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OfflineRegion-threshold-Override_'), field('tags._amba-OfflineRegion-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json b/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json new file mode 100644 index 000000000..3e881d76f --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f77ce9c2-bb95-47e7-8e5d-75d5c098f489", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ProvisionedThroughput Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ProvisionedThroughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProvisionedThroughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProvisionedThroughput-threshold-Override_'), field('tags._amba-ProvisionedThroughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProvisionedThroughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ProvisionedThroughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProvisionedThroughput", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ProvisionedThroughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProvisionedThroughput-threshold-Override_'), field('tags._amba-ProvisionedThroughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json b/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json new file mode 100644 index 000000000..f22b26514 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c41c539-b81b-4917-b04a-e67225f78e75", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts RegionFailover Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts RegionFailover Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RegionFailover" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RegionFailover-threshold-Override_'), field('tags._amba-RegionFailover-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RegionFailover')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts RegionFailover", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RegionFailover", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "RegionFailover", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RegionFailover-threshold-Override_'), field('tags._amba-RegionFailover-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json b/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json new file mode 100644 index 000000000..5e48c47e9 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "228e104f-002a-441d-91ec-6140f233c1a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts RemoveRegion Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts RemoveRegion Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RemoveRegion" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RemoveRegion-threshold-Override_'), field('tags._amba-RemoveRegion-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RemoveRegion')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts RemoveRegion", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RemoveRegion", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "RemoveRegion", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RemoveRegion-threshold-Override_'), field('tags._amba-RemoveRegion-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json b/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json new file mode 100644 index 000000000..4fe8cd02b --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cf0655a4-042d-4979-bbc7-5559eaa8f2b9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ReplicationLatency Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ReplicationLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ReplicationLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ReplicationLatency-threshold-Override_'), field('tags._amba-ReplicationLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ReplicationLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ReplicationLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ReplicationLatency", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ReplicationLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ReplicationLatency-threshold-Override_'), field('tags._amba-ReplicationLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json b/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json new file mode 100644 index 000000000..196ab0800 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ServerSideLatency Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ServerSideLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSideLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSideLatency-threshold-Override_'), field('tags._amba-ServerSideLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSideLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ServerSideLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSideLatency", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ServerSideLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSideLatency-threshold-Override_'), field('tags._amba-ServerSideLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json b/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json new file mode 100644 index 000000000..66db4c8b2 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ee10b769-b38b-44d1-9fd3-926b8dca4c41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ServiceAvailability Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ServiceAvailability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceAvailability-threshold-Override_'), field('tags._amba-ServiceAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ServiceAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceAvailability", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ServiceAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceAvailability-threshold-Override_'), field('tags._amba-ServiceAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json b/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json new file mode 100644 index 000000000..317b928d2 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "faf5510e-28b7-42c9-8ad1-de68a5737eaf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts SqlContainerDelete Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts SqlContainerDelete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SqlContainerDelete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SqlContainerDelete-threshold-Override_'), field('tags._amba-SqlContainerDelete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SqlContainerDelete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts SqlContainerDelete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SqlContainerDelete", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "SqlContainerDelete", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SqlContainerDelete-threshold-Override_'), field('tags._amba-SqlContainerDelete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json b/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json new file mode 100644 index 000000000..5b5d89237 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a7958120-a386-46d0-9790-e80bfa72fb22", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts SqlDatabaseDelete Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts SqlDatabaseDelete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SqlDatabaseDelete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SqlDatabaseDelete-threshold-Override_'), field('tags._amba-SqlDatabaseDelete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SqlDatabaseDelete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts SqlDatabaseDelete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SqlDatabaseDelete", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "SqlDatabaseDelete", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SqlDatabaseDelete-threshold-Override_'), field('tags._amba-SqlDatabaseDelete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json new file mode 100644 index 000000000..7992773a6 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14fc7c6b-484f-427f-a1d2-94cded799f88", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts TotalRequestUnits Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts TotalRequestUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequestUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequestUnits-threshold-Override_'), field('tags._amba-TotalRequestUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequestUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts TotalRequestUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequestUnits", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "TotalRequestUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequestUnits-threshold-Override_'), field('tags._amba-TotalRequestUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json new file mode 100644 index 000000000..2f4729df8 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2a1deb2d-1fc0-499b-a828-04aeece855fe", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts TotalRequests Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json b/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json new file mode 100644 index 000000000..73578c197 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d4d7685a-ce55-4709-a847-747d02165cb7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts UpdateAccountKeys Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts UpdateAccountKeys Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UpdateAccountKeys" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UpdateAccountKeys-threshold-Override_'), field('tags._amba-UpdateAccountKeys-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UpdateAccountKeys')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts UpdateAccountKeys", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UpdateAccountKeys", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "UpdateAccountKeys", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UpdateAccountKeys-threshold-Override_'), field('tags._amba-UpdateAccountKeys-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json b/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json new file mode 100644 index 000000000..f11d259e7 --- /dev/null +++ b/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "51ff86c0-2add-42e0-aab8-f6f0edcf2b51", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid domains DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid domains DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/domains" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/domains" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/domains/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid domains DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/domains", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json b/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json new file mode 100644 index 000000000..b04dd58f0 --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c02f2d18-2b7e-4d85-81fa-2c1437d0b092", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics DeadLetteredCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics DeadLetteredCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadLetteredCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadLetteredCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics DeadLetteredCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadLetteredCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "DeadLetteredCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json b/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json new file mode 100644 index 000000000..c7cd1c28a --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6584a39d-0795-4132-8c33-376d3926d21b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json b/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json new file mode 100644 index 000000000..91225b634 --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fb8bc2ae-26bc-45a1-b616-1f45ffb864ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics PublishFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics PublishFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PublishFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PublishFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics PublishFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PublishFailCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "PublishFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json b/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json new file mode 100644 index 000000000..832653126 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "343258f9-4bb2-41fb-abfa-d04ea62a6aad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DeadLetteredCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DeadLetteredCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadLetteredCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadLetteredCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DeadLetteredCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadLetteredCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DeadLetteredCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json b/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json new file mode 100644 index 000000000..04639bbd1 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "95865d3b-41d0-4ad6-b08b-a2dcfe0940a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json b/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json new file mode 100644 index 000000000..d8f9eeba8 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e9561f89-282e-4145-b5cc-8485a7fc987c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DroppedEventCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DroppedEventCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DroppedEventCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DroppedEventCount-threshold-Override_'), field('tags._amba-DroppedEventCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DroppedEventCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DroppedEventCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DroppedEventCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DroppedEventCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DroppedEventCount-threshold-Override_'), field('tags._amba-DroppedEventCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json b/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json new file mode 100644 index 000000000..f132be468 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "230c0173-8b36-4412-9617-3e096886a403", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics PublishFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics PublishFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PublishFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PublishFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics PublishFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PublishFailCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "PublishFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json b/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json new file mode 100644 index 000000000..546a6dc69 --- /dev/null +++ b/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8875590a-9f72-49a2-807f-62437f8079b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub clusters CPU Alert", + "description": "Policy to Audit/Deploy EventHub clusters CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub clusters CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU", + "metricNamespace": "Microsoft.EventHub/clusters", + "metricName": "CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json b/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json new file mode 100644 index 000000000..cb891d02e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2959b52d-6756-480d-9193-b2c0c4c5d305", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces CaptureBacklog Alert", + "description": "Policy to Audit/Deploy EventHub namespaces CaptureBacklog Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CaptureBacklog" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CaptureBacklog-threshold-Override_'), field('tags._amba-CaptureBacklog-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CaptureBacklog')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces CaptureBacklog", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CaptureBacklog", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "CaptureBacklog", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CaptureBacklog-threshold-Override_'), field('tags._amba-CaptureBacklog-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json b/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json new file mode 100644 index 000000000..f90e50175 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2ca39ff3-6f87-438c-81f6-7ce51f70902f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces IncomingBytes Alert", + "description": "Policy to Audit/Deploy EventHub namespaces IncomingBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingBytes-threshold-Override_'), field('tags._amba-IncomingBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces IncomingBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingBytes", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "IncomingBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingBytes-threshold-Override_'), field('tags._amba-IncomingBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json b/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json new file mode 100644 index 000000000..41349859b --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f1964ce-6938-499a-af3d-bb746aaff72a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces IncomingMessages Alert", + "description": "Policy to Audit/Deploy EventHub namespaces IncomingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces IncomingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingMessages", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "IncomingMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json b/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json new file mode 100644 index 000000000..e5ee86a50 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9c1e74c-bd3a-438c-bd13-7a2fec2d172c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces NamespaceCpuUsage Alert", + "description": "Policy to Audit/Deploy EventHub namespaces NamespaceCpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceCpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceCpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces NamespaceCpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceCpuUsage", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "NamespaceCpuUsage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json b/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json new file mode 100644 index 000000000..a35cb2dea --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "26972609-fbb4-4fb9-b7f8-7b99a06bb4e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces NamespaceMemoryUsage Alert", + "description": "Policy to Audit/Deploy EventHub namespaces NamespaceMemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceMemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceMemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces NamespaceMemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceMemoryUsage", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "NamespaceMemoryUsage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json b/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json new file mode 100644 index 000000000..5e3ce569e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "46a66177-c487-4ed1-b2fc-19c0bf52b168", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces OutgoingBytes Alert", + "description": "Policy to Audit/Deploy EventHub namespaces OutgoingBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingBytes-threshold-Override_'), field('tags._amba-OutgoingBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces OutgoingBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingBytes", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "OutgoingBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingBytes-threshold-Override_'), field('tags._amba-OutgoingBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json b/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json new file mode 100644 index 000000000..e83bb3e81 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c67b86dc-74d5-4ea1-882e-de257d054ff3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces OutgoingMessages Alert", + "description": "Policy to Audit/Deploy EventHub namespaces OutgoingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces OutgoingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingMessages", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "OutgoingMessages", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json b/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json new file mode 100644 index 000000000..84b0b6162 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "237493ef-15c0-4e87-80bc-f8c59dd897ce", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces QuotaExceededErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces QuotaExceededErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QuotaExceededErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QuotaExceededErrors-threshold-Override_'), field('tags._amba-QuotaExceededErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QuotaExceededErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces QuotaExceededErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QuotaExceededErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "QuotaExceededErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QuotaExceededErrors-threshold-Override_'), field('tags._amba-QuotaExceededErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json b/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json new file mode 100644 index 000000000..ac76b09fb --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "48581aa9-53ee-4467-b04c-402061fe40e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces ServerErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json b/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json new file mode 100644 index 000000000..fe3faf6ed --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1684f387-04e6-440c-a931-f57efdc84cd2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces ThrottledRequests Alert", + "description": "Policy to Audit/Deploy EventHub namespaces ThrottledRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces ThrottledRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledRequests", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "ThrottledRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json b/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json new file mode 100644 index 000000000..a6a945f3e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1700765-b168-4ad4-a73e-f3a93a6bf5cf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces UserErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces UserErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UserErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UserErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces UserErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UserErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "UserErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json b/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json new file mode 100644 index 000000000..6a990980e --- /dev/null +++ b/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30ba09b3-4e96-403d-a295-8f37788914aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy HealthcareApis services TotalLatency Alert", + "description": "Policy to Audit/Deploy HealthcareApis services TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "HealthcareApis", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.HealthcareApis/services/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for HealthcareApis services TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.HealthcareApis/services", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json b/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json new file mode 100644 index 000000000..c38dca6a1 --- /dev/null +++ b/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "75dbbcf0-d6ae-401f-8765-ba643385da9b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy HealthcareApis services TotalRequests Alert", + "description": "Policy to Audit/Deploy HealthcareApis services TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "HealthcareApis", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.HealthcareApis/services/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for HealthcareApis services TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.HealthcareApis/services", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json b/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json new file mode 100644 index 000000000..84b2aeb28 --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_KeyVault_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Key Vault Delete Alert", + "description": "Policy to Deploy Activity Log Key Vault Delete Alert", + "metadata": { + "version": "1.0.1", + "category": "Key Vault", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "microsoft.keyvault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityKeyVaultDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.KeyVault/vaults/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityKeyVaultDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityKeyVaultDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Key Vault Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.KeyVault/vaults/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json b/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json new file mode 100644 index 000000000..3b643438f --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a3c8bcb4-22ca-45be-92f7-605f232ecec2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Availability Alert", + "description": "Policy to Audit/Deploy KeyVault Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "Availability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json b/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json new file mode 100644 index 000000000..9b7ba6edc --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dc852755-e5df-4fd0-83ac-cbbc516f60b3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Capacity Alert", + "description": "Policy to Audit/Deploy KeyVault Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SaturationShoebox" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SaturationShoebox')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults SaturationShoebox", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SaturationShoebox", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "SaturationShoebox", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json b/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json new file mode 100644 index 000000000..b34d7f57d --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7b52bf07-3d86-4429-b5d4-829a6a5542df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault vaults ServiceApiHit Alert", + "description": "Policy to Audit/Deploy KeyVault vaults ServiceApiHit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiHit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceApiHit-threshold-Override_'), field('tags._amba-ServiceApiHit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiHit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiHit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiHit", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiHit", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceApiHit-threshold-Override_'), field('tags._amba-ServiceApiHit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json b/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json new file mode 100644 index 000000000..35edd20eb --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2651f57f-ac74-44f3-8511-c245488134f8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Latency Alert", + "description": "Policy to Audit/Deploy KeyVault Latency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiLatency", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json b/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json new file mode 100644 index 000000000..d22ac7ecd --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14356b19-1264-498d-b1cd-e3fa9f0c9fc9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Requests Alert", + "description": "Policy to Audit/Deploy KeyVault Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiResult", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiResult", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json b/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json new file mode 100644 index 000000000..f573168a2 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "422c292e-54e3-4e7d-93e2-bcd1bf65dae6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters BlobsDropped Alert", + "description": "Policy to Audit/Deploy Kusto clusters BlobsDropped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobsDropped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobsDropped-threshold-Override_'), field('tags._amba-BlobsDropped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobsDropped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters BlobsDropped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobsDropped", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "BlobsDropped", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobsDropped-threshold-Override_'), field('tags._amba-BlobsDropped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json b/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json new file mode 100644 index 000000000..caa916115 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cae6ec0a-a26d-494b-94b2-3d93dcedff42", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters CPU Alert", + "description": "Policy to Audit/Deploy Kusto clusters CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json b/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json new file mode 100644 index 000000000..ed9c20cc5 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8493c362-2524-4079-9025-8f5ffee62936", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters IngestionLatencyInSeconds Alert", + "description": "Policy to Audit/Deploy Kusto clusters IngestionLatencyInSeconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1800" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IngestionLatencyInSeconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Minimum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IngestionLatencyInSeconds-threshold-Override_'), field('tags._amba-IngestionLatencyInSeconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IngestionLatencyInSeconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters IngestionLatencyInSeconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IngestionLatencyInSeconds", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "IngestionLatencyInSeconds", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Minimum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IngestionLatencyInSeconds-threshold-Override_'), field('tags._amba-IngestionLatencyInSeconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json b/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json new file mode 100644 index 000000000..2f1560fb3 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6c4213c5-743f-48b8-b957-dd26fbf8809e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters IngestionResult Alert", + "description": "Policy to Audit/Deploy Kusto clusters IngestionResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IngestionResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IngestionResult-threshold-Override_'), field('tags._amba-IngestionResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IngestionResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters IngestionResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IngestionResult", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "IngestionResult", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IngestionResult-threshold-Override_'), field('tags._amba-IngestionResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json b/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json new file mode 100644 index 000000000..7bb4d4a61 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "188fc0b5-a686-48a7-950f-76f183ba49d6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters KeepAlive Alert", + "description": "Policy to Audit/Deploy Kusto clusters KeepAlive Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "KeepAlive" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-KeepAlive-threshold-Override_'), field('tags._amba-KeepAlive-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-KeepAlive')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters KeepAlive", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "KeepAlive", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "KeepAlive", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-KeepAlive-threshold-Override_'), field('tags._amba-KeepAlive-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json b/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json new file mode 100644 index 000000000..35d501b95 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b131dc45-d6ac-4521-8206-a365ac2dbe52", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters QueryResult Alert", + "description": "Policy to Audit/Deploy Kusto clusters QueryResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueryResult-threshold-Override_'), field('tags._amba-QueryResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters QueryResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryResult", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "QueryResult", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueryResult-threshold-Override_'), field('tags._amba-QueryResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json b/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json new file mode 100644 index 000000000..d6c9b564b --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d8bf77d2-8572-4392-8097-5e84f136513d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionLatency", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json b/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json new file mode 100644 index 000000000..6d1366bf1 --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5aa5790b-2bff-40b0-9099-38485b9a9e0a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActionThrottledEvents-threshold-Override_'), field('tags._amba-ActionThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActionThrottledEvents-threshold-Override_'), field('tags._amba-ActionThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json b/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json new file mode 100644 index 000000000..8daef09df --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "514f695a-4f11-4a28-9516-f7f3b5b1c53b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionsFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionsFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionsFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActionsFailed-threshold-Override_'), field('tags._amba-ActionsFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionsFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionsFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionsFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionsFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActionsFailed-threshold-Override_'), field('tags._amba-ActionsFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json b/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json new file mode 100644 index 000000000..4b4341d36 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c4864d80-dd28-4344-a135-03b600920c06", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunFailurePercentage Alert", + "description": "Policy to Audit/Deploy Logic workflows RunFailurePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunFailurePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunFailurePercentage-threshold-Override_'), field('tags._amba-RunFailurePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunFailurePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunFailurePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunFailurePercentage", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunFailurePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunFailurePercentage-threshold-Override_'), field('tags._amba-RunFailurePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json b/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json new file mode 100644 index 000000000..0da344ff9 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb44cbdc-a259-4354-9b54-2bc72f811440", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows RunLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99999" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunLatency-threshold-Override_'), field('tags._amba-RunLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunLatency-threshold-Override_'), field('tags._amba-RunLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json b/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json new file mode 100644 index 000000000..92101f4e8 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6524b22c-661e-48cd-87e7-7ee9ddea7b8b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunStartThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows RunStartThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunStartThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunStartThrottledEvents-threshold-Override_'), field('tags._amba-RunStartThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunStartThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunStartThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunStartThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunStartThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunStartThrottledEvents-threshold-Override_'), field('tags._amba-RunStartThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json b/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json new file mode 100644 index 000000000..4a4cb355f --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "346ba728-f7a1-4ca4-8486-786d6ebb9f9a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunSuccessLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows RunSuccessLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunSuccessLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunSuccessLatency-threshold-Override_'), field('tags._amba-RunSuccessLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunSuccessLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunSuccessLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunSuccessLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunSuccessLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunSuccessLatency-threshold-Override_'), field('tags._amba-RunSuccessLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json b/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json new file mode 100644 index 000000000..99a596a76 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9d324d21-ab2b-48b7-a637-4b1d9891d6b5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows RunThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunThrottledEvents-threshold-Override_'), field('tags._amba-RunThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunThrottledEvents-threshold-Override_'), field('tags._amba-RunThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json b/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json new file mode 100644 index 000000000..a3bc869a0 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4b5f1f3-aa12-4ed5-8a9d-a135204d22de", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsCancelled Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsCancelled Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsCancelled" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsCancelled-threshold-Override_'), field('tags._amba-RunsCancelled-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsCancelled')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsCancelled", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsCancelled", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsCancelled", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsCancelled-threshold-Override_'), field('tags._amba-RunsCancelled-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json b/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json new file mode 100644 index 000000000..9deef7ec1 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d020d4d-9359-4ecd-934a-409d0e4a5abd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsCompleted Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsCompleted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsCompleted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsCompleted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsCompleted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsCompleted", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsCompleted", + "operator": "LessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Count", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json b/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json new file mode 100644 index 000000000..98da0ca4f --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "350cc22f-d202-4c7c-9239-cbdb3b71e14b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsFailed-threshold-Override_'), field('tags._amba-RunsFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsFailed-threshold-Override_'), field('tags._amba-RunsFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json b/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json new file mode 100644 index 000000000..7a15de786 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8f7a8cb8-feef-4eaa-9e74-18693ce9969e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsStarted Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsStarted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsStarted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsStarted-threshold-Override_'), field('tags._amba-RunsStarted-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsStarted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsStarted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsStarted", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsStarted", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsStarted-threshold-Override_'), field('tags._amba-RunsStarted-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json b/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json new file mode 100644 index 000000000..aacbcdc07 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16c2d231-f28b-4146-9aa3-57d419eb8780", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsSucceeded Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsSucceeded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsSucceeded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsSucceeded-threshold-Override_'), field('tags._amba-RunsSucceeded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsSucceeded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsSucceeded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsSucceeded", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsSucceeded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsSucceeded-threshold-Override_'), field('tags._amba-RunsSucceeded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json b/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json new file mode 100644 index 000000000..5b8cbd78b --- /dev/null +++ b/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85bb464e-d9ce-496a-a66d-4c6d28d808df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TotalBillableExecutions Alert", + "description": "Policy to Audit/Deploy Logic workflows TotalBillableExecutions Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalBillableExecutions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalBillableExecutions-threshold-Override_'), field('tags._amba-TotalBillableExecutions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalBillableExecutions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TotalBillableExecutions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalBillableExecutions", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TotalBillableExecutions", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalBillableExecutions-threshold-Override_'), field('tags._amba-TotalBillableExecutions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json b/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json new file mode 100644 index 000000000..f38fb2a35 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "114f7c8e-e285-487d-9e50-7fe160769167", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggerLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggerLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggerLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggerLatency", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json b/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json new file mode 100644 index 000000000..43c6bb466 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "42ae6a24-d545-4bbd-a7f9-8a3b6f977366", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggerThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggerThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerThrottledEvents-threshold-Override_'), field('tags._amba-TriggerThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggerThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggerThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerThrottledEvents-threshold-Override_'), field('tags._amba-TriggerThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json b/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json new file mode 100644 index 000000000..c902e0649 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0378fd1f-976e-4a32-aa2b-25003e7d6ee5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggersFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggersFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggersFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggersFailed-threshold-Override_'), field('tags._amba-TriggersFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggersFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggersFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggersFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggersFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggersFailed-threshold-Override_'), field('tags._amba-TriggersFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json b/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json new file mode 100644 index 000000000..d34f58747 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb35fd68-9568-42f9-b527-44e77726b100", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggersSkipped Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggersSkipped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggersSkipped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggersSkipped-threshold-Override_'), field('tags._amba-TriggersSkipped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggersSkipped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggersSkipped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggersSkipped", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggersSkipped", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggersSkipped-threshold-Override_'), field('tags._amba-TriggersSkipped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json b/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json new file mode 100644 index 000000000..a96588229 --- /dev/null +++ b/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c897902c-40a5-497b-a0ce-86c3eda7c61d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy MachineLearningServices workspaces Failed Runs Alert", + "description": "Policy to Audit/Deploy MachineLearningServices workspaces Failed Runs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "MachineLearningServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.MachineLearningServices/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.MachineLearningServices/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Failed Runs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.MachineLearningServices/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Failed Runs-threshold-Override_'), field('tags._amba-Failed Runs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Failed Runs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for MachineLearningServices workspaces Failed Runs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Failed Runs", + "metricNamespace": "Microsoft.MachineLearningServices/workspaces", + "metricName": "Failed Runs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Failed Runs-threshold-Override_'), field('tags._amba-Failed Runs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json b/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json new file mode 100644 index 000000000..0bdb58181 --- /dev/null +++ b/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0f647d6-d7f4-46ab-8591-b2f2b481e8e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices AssetQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices AssetQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AssetQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AssetQuotaUsedPercentage-threshold-Override_'), field('tags._amba-AssetQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AssetQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices AssetQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AssetQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "AssetQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AssetQuotaUsedPercentage-threshold-Override_'), field('tags._amba-AssetQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json b/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json new file mode 100644 index 000000000..b7cd4d8ed --- /dev/null +++ b/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "65d02c68-e50f-4a0e-9de9-0d52edea4af0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices ContentKeyPolicyQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices ContentKeyPolicyQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ContentKeyPolicyQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ContentKeyPolicyQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices ContentKeyPolicyQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ContentKeyPolicyQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "ContentKeyPolicyQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json b/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json new file mode 100644 index 000000000..114258663 --- /dev/null +++ b/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9f91c6f3-e93e-4510-b72b-8678f6d38014", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices StreamingPolicyQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices StreamingPolicyQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StreamingPolicyQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StreamingPolicyQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices StreamingPolicyQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StreamingPolicyQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "StreamingPolicyQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json new file mode 100644 index 000000000..cd9af6ca4 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30b0cb86-ba8b-4eeb-9067-88456ec403ad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageReadLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageReadLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageReadLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageReadLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json new file mode 100644 index 000000000..a423c7f08 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb7001d3-8a0e-41ed-b281-44fee5379f06", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageReadLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageReadLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageReadLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageReadLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json b/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json new file mode 100644 index 000000000..f1d89d91a --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "075f0066-51f6-4c36-8000-ce7070493674", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageWriteLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageWriteLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageWriteLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageWriteLatency-threshold-Override_'), field('tags._amba-AverageWriteLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageWriteLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageWriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageWriteLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageWriteLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageWriteLatency-threshold-Override_'), field('tags._amba-AverageWriteLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json b/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json new file mode 100644 index 000000000..456c67ed9 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "27768691-301d-4938-bd8a-85598c2b50c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CbsVolumeOperationComplete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CbsVolumeOperationComplete-threshold-Override_'), field('tags._amba-CbsVolumeOperationComplete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CbsVolumeOperationComplete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CbsVolumeOperationComplete", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "CbsVolumeOperationComplete", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CbsVolumeOperationComplete-threshold-Override_'), field('tags._amba-CbsVolumeOperationComplete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json b/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json new file mode 100644 index 000000000..c336b16cf --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1be09484-96ee-4399-8ed4-35f5f4b5c23e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "107374182400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeAllocatedSize" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeAllocatedSize-threshold-Override_'), field('tags._amba-VolumeAllocatedSize-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeAllocatedSize')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeAllocatedSize", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeAllocatedSize", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeAllocatedSize-threshold-Override_'), field('tags._amba-VolumeAllocatedSize-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json b/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json new file mode 100644 index 000000000..e37be05e2 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d474e6d2-0b9a-4912-ae61-16dc23126b3f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeConsumedSizePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeConsumedSizePercentage-threshold-Override_'), field('tags._amba-VolumeConsumedSizePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeConsumedSizePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeConsumedSizePercentage", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeConsumedSizePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeConsumedSizePercentage-threshold-Override_'), field('tags._amba-VolumeConsumedSizePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json b/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json new file mode 100644 index 000000000..35c13f94d --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "149f6b6c-4729-4da4-af00-bccbb1cce9ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeLogicalSize Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeLogicalSize Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85899345920" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeLogicalSize" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeLogicalSize-threshold-Override_'), field('tags._amba-VolumeLogicalSize-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeLogicalSize')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeLogicalSize", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeLogicalSize", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeLogicalSize", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeLogicalSize-threshold-Override_'), field('tags._amba-VolumeLogicalSize-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json b/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json new file mode 100644 index 000000000..a817686fe --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73fa1878-d22d-4e8d-922d-9f146454cc40", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ApplicationGatewayTotalTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ApplicationGatewayTotalTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ApplicationGatewayTotalTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ApplicationGatewayTotalTime-threshold-Override_'), field('tags._amba-ApplicationGatewayTotalTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ApplicationGatewayTotalTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ApplicationGatewayTotalTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ApplicationGatewayTotalTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ApplicationGatewayTotalTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ApplicationGatewayTotalTime-threshold-Override_'), field('tags._amba-ApplicationGatewayTotalTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json b/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json new file mode 100644 index 000000000..5dd6de34a --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d5827f03-efb6-4257-96e2-b6e34e3bef7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways AzwafSecRule Alert", + "description": "Policy to Audit/Deploy Network applicationGateways AzwafSecRule Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AzwafSecRule" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AzwafSecRule-threshold-Override_'), field('tags._amba-AzwafSecRule-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AzwafSecRule')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways AzwafSecRule", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AzwafSecRule", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "AzwafSecRule", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AzwafSecRule-threshold-Override_'), field('tags._amba-AzwafSecRule-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json b/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json new file mode 100644 index 000000000..ad22269ce --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e636b3ea-da2d-42f5-aedf-12b69432ac1f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendConnectTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendConnectTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendConnectTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendConnectTime-threshold-Override_'), field('tags._amba-BackendConnectTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendConnectTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendConnectTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendConnectTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendConnectTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendConnectTime-threshold-Override_'), field('tags._amba-BackendConnectTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json b/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json new file mode 100644 index 000000000..f9e992387 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3cbcad15-0bb6-423e-87c1-4d40722103d6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendFirstByteResponseTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendFirstByteResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendFirstByteResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendFirstByteResponseTime-threshold-Override_'), field('tags._amba-BackendFirstByteResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendFirstByteResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendFirstByteResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendFirstByteResponseTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendFirstByteResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendFirstByteResponseTime-threshold-Override_'), field('tags._amba-BackendFirstByteResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json b/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json new file mode 100644 index 000000000..26aad2675 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "57c7b576-d4b2-4aa7-8c58-5c0ccbf94726", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Azure Application Gateway BackendLastByteResponseTime Alert", + "description": "Policy to Audit/Deploy Azure Application Gateway BackendLastByteResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendLastByteResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 2 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 2 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendLastByteResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendLastByteResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendLastByteResponseTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendLastByteResponseTime", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 2, + "numberOfEvaluationPeriods": 2 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json b/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json new file mode 100644 index 000000000..2f746b648 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c319a40c-3750-4fb4-a36d-beb3d09ef2ee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendResponseStatus Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendResponseStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendResponseStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendResponseStatus-threshold-Override_'), field('tags._amba-BackendResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendResponseStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendResponseStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendResponseStatus", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendResponseStatus", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendResponseStatus-threshold-Override_'), field('tags._amba-BackendResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json b/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json new file mode 100644 index 000000000..2d4d12121 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d43ca9ef-6211-40ff-972e-fffb17923fc9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CapacityUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CapacityUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CapacityUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CapacityUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CapacityUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CapacityUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CapacityUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json b/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json new file mode 100644 index 000000000..9ed953845 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e59f4d17-2600-4bcc-ab57-6c695d37a0b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ComputeUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ComputeUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ComputeUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ComputeUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ComputeUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ComputeUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ComputeUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json b/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json new file mode 100644 index 000000000..b4d907dc9 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c8be4c5-5ba3-47ef-8a0a-97144734a336", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CpuUtilization Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CpuUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuUtilization", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json b/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json new file mode 100644 index 000000000..6a55399d1 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "695b9710-e432-4521-9042-36287f0fc5ba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CurrentConnections Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CurrentConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CurrentConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CurrentConnections-threshold-Override_'), field('tags._amba-CurrentConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CurrentConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CurrentConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CurrentConnections", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CurrentConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CurrentConnections-threshold-Override_'), field('tags._amba-CurrentConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json b/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json new file mode 100644 index 000000000..a68eb7ddc --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e77b6820-e115-4e33-97c1-9bb902eec3b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways EstimatedBilledCapacityUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways EstimatedBilledCapacityUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "EstimatedBilledCapacityUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-EstimatedBilledCapacityUnits-threshold-Override_'), field('tags._amba-EstimatedBilledCapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-EstimatedBilledCapacityUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways EstimatedBilledCapacityUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "EstimatedBilledCapacityUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "EstimatedBilledCapacityUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-EstimatedBilledCapacityUnits-threshold-Override_'), field('tags._amba-EstimatedBilledCapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json b/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json new file mode 100644 index 000000000..2b967e87a --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73afde26-bd0c-4c31-8801-5b2444629448", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways FailedRequests Alert", + "description": "Policy to Audit/Deploy Network applicationGateways FailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways FailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FailedRequests", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "FailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json b/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json new file mode 100644 index 000000000..dd554f837 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f03d1a7a-6bd3-42ae-89db-b36fd6ce5633", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways HealthyHostCount Alert", + "description": "Policy to Audit/Deploy Network applicationGateways HealthyHostCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HealthyHostCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HealthyHostCount-threshold-Override_'), field('tags._amba-HealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HealthyHostCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways HealthyHostCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HealthyHostCount", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "HealthyHostCount", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HealthyHostCount-threshold-Override_'), field('tags._amba-HealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json b/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json new file mode 100644 index 000000000..e8476d254 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6d77d848-23b1-4ff4-b9de-d421845d9566", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ResponseStatus Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ResponseStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResponseStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResponseStatus-threshold-Override_'), field('tags._amba-ResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResponseStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ResponseStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResponseStatus", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ResponseStatus", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResponseStatus-threshold-Override_'), field('tags._amba-ResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json b/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json new file mode 100644 index 000000000..6ac990502 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7640663c-b2f7-41bf-9419-be5e8cfdf74e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways Throughput Alert", + "description": "Policy to Audit/Deploy Network applicationGateways Throughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "167772160" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Throughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Throughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways Throughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Throughput", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "Throughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json b/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json new file mode 100644 index 000000000..be654353b --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "06982a17-4def-405d-bb59-4ecfb6486f9e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways TotalRequests Alert", + "description": "Policy to Audit/Deploy Network applicationGateways TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json b/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json new file mode 100644 index 000000000..6d2e14582 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c88acf4e-2d23-4ac7-93fb-e44ded53ecee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways UnhealthyHostCount Alert", + "description": "Policy to Audit/Deploy Network applicationGateways UnhealthyHostCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnhealthyHostCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnhealthyHostCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways UnhealthyHostCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnhealthyHostCount", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "UnhealthyHostCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json b/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json new file mode 100644 index 000000000..939120580 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_Firewall_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Azure FireWall Delete Alert", + "description": "Policy to Deploy Activity Log Azure Firewall Delete Alert", + "metadata": { + "version": "1.0.2", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityAzureFirewallDelete", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/azureFirewalls/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2020-10-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityAzureFirewallDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityAzureFirewallDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Firewall Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/azurefirewalls/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json b/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json new file mode 100644 index 000000000..050fa89b3 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0ff72493-3822-4315-a146-8977a0963e39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AFW FirewallHealth Alert", + "description": "Policy to Audit/Deploy AFW FirewallHealth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FirewallHealth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FirewallHealth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls FirewallHealth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FirewallHealth", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "FirewallHealth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json b/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json new file mode 100644 index 000000000..06daea453 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b23f1e82-a791-4610-aaa6-2d960b48b81d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AFW SNATPortUtilization Alert", + "description": "Policy to Audit/Deploy AFW SNATPortUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SNATPortUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SNATPortUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls SNATPortUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SNATPortUtilization", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "SNATPortUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json b/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json new file mode 100644 index 000000000..c016c31bf --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e8fdab4c-cc9a-4729-8619-a0f468f4dfdc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network azureFirewalls Throughput Alert", + "description": "Policy to Audit/Deploy Network azureFirewalls Throughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "27000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Throughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Throughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls Throughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Throughput", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "Throughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json b/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json new file mode 100644 index 000000000..229a16704 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "afd848a8-8b18-410c-bcc1-1b6f06a5a231", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts pingmesh Alert", + "description": "Policy to Audit/Deploy Network bastionHosts pingmesh Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "pingmesh" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-pingmesh-threshold-Override_'), field('tags._amba-pingmesh-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-pingmesh')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts pingmesh", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "pingmesh", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "pingmesh", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-pingmesh-threshold-Override_'), field('tags._amba-pingmesh-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json b/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json new file mode 100644 index 000000000..d032364e0 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0d4040d7-4478-46b5-98e0-14bb2f7b8ecf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts usage_user Alert", + "description": "Policy to Audit/Deploy Network bastionHosts usage_user Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usage_user" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usage_user-threshold-Override_'), field('tags._amba-usage_user-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usage_user')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts usage_user", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usage_user", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "usage_user", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usage_user-threshold-Override_'), field('tags._amba-usage_user-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json b/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json new file mode 100644 index 000000000..648f73e95 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2c288e52-422b-4f7e-85cf-feb3d08a1602", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts used Alert", + "description": "Policy to Audit/Deploy Network bastionHosts used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-used-threshold-Override_'), field('tags._amba-used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "used", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-used-threshold-Override_'), field('tags._amba-used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json b/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json new file mode 100644 index 000000000..93e2d77e7 --- /dev/null +++ b/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "494aa5d6-444d-4c86-9de5-431b3e12a233", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network connections BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy Network connections BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/connections" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/connections" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/connections/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network connections BitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsInPerSecond", + "metricNamespace": "Microsoft.Network/connections", + "metricName": "BitsInPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json b/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json new file mode 100644 index 000000000..ce57d76ba --- /dev/null +++ b/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b050d767-098e-4947-aa88-2a3090e62eab", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network connections BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy Network connections BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/connections" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/connections" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/connections/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network connections BitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsOutPerSecond", + "metricNamespace": "Microsoft.Network/connections", + "metricName": "BitsOutPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json b/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json new file mode 100644 index 000000000..4ce02dab1 --- /dev/null +++ b/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0d1709ed-805e-4ca1-8490-f2d6b393e92f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network dnszones QueryVolume Alert", + "description": "Policy to Audit/Deploy Network dnszones QueryVolume Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryVolume" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/dnszones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryVolume')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network dnszones QueryVolume", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryVolume", + "metricNamespace": "Microsoft.Network/dnszones", + "metricName": "QueryVolume", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json b/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json new file mode 100644 index 000000000..2d538f825 --- /dev/null +++ b/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfbcdbb7-fed8-49c5-8a10-ed34d20fc617", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network dnszones RecordSetCapacityUtilization Alert", + "description": "Policy to Audit/Deploy Network dnszones RecordSetCapacityUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/dnszones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network dnszones RecordSetCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCapacityUtilization", + "metricNamespace": "Microsoft.Network/dnszones", + "metricName": "RecordSetCapacityUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json b/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json new file mode 100644 index 000000000..df89fb6de --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "efc101c0-0623-4928-86a7-6f2d37faf24b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits ARP Availability Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits ARP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ArpAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ArpAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits ArpAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ArpAvailability", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "ArpAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json b/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json new file mode 100644 index 000000000..c79d91f6c --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "37302f31-86e2-45c8-a39f-d0b41c1271df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits BGP Availability Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits BGP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BgpAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BgpAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BgpAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BgpAvailability", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BgpAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json b/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json new file mode 100644 index 000000000..34dcba625 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e4ae517-3d35-4677-a4b0-441ca19e7670", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BitsInPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json b/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json new file mode 100644 index 000000000..7489d6c44 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cc428042-1a21-43f7-b5f8-598dea50f4a2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BitsOutPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json new file mode 100644 index 000000000..5658d8974 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d56551a8-1355-4aa3-871e-e20e1ce40f05", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QosDropBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QosDropBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits QosDropBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QosDropBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "QosDropBitsInPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json new file mode 100644 index 000000000..0ea5043c7 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5808dbdb-712e-4bd3-b92e-4a08388c32c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QosDropBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QosDropBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits QosDropBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QosDropBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "QosDropBitsOutPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json b/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json new file mode 100644 index 000000000..1f95c8b40 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "afc45643-7bd3-4321-9924-ac710bb78f88", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits fastpathroutescountforcircuit Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits fastpathroutescountforcircuit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.0l" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "fastpathroutescountforcircuit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-fastpathroutescountforcircuit-threshold-Override_'), field('tags._amba-fastpathroutescountforcircuit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-fastpathroutescountforcircuit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits fastpathroutescountforcircuit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "fastpathroutescountforcircuit", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "fastpathroutescountforcircuit", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-fastpathroutescountforcircuit-threshold-Override_'), field('tags._amba-fastpathroutescountforcircuit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json new file mode 100644 index 000000000..c6ddb8cc8 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47fe6c76-47a0-433f-92d6-a23d9f573771", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits globalreachbitsinpersecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits globalreachbitsinpersecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "globalreachbitsinpersecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-globalreachbitsinpersecond-threshold-Override_'), field('tags._amba-globalreachbitsinpersecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-globalreachbitsinpersecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits globalreachbitsinpersecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "globalreachbitsinpersecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "globalreachbitsinpersecond", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-globalreachbitsinpersecond-threshold-Override_'), field('tags._amba-globalreachbitsinpersecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json new file mode 100644 index 000000000..16df061b5 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8a586e59-0f53-41bd-8406-174f9f0ecf7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits globalreachbitsoutpersecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits globalreachbitsoutpersecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "globalreachbitsoutpersecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-globalreachbitsoutpersecond-threshold-Override_'), field('tags._amba-globalreachbitsoutpersecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-globalreachbitsoutpersecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits globalreachbitsoutpersecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "globalreachbitsoutpersecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "globalreachbitsoutpersecond", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-globalreachbitsoutpersecond-threshold-Override_'), field('tags._amba-globalreachbitsoutpersecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json new file mode 100644 index 000000000..4e246a190 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff147700-c9e6-4063-bb23-45500c00067a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute Bits In Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute Bits In Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ERGatewayConnectionBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ERGatewayConnectionBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ERGatewayConnectionBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ERGatewayConnectionBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ERGatewayConnectionBitsInPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json new file mode 100644 index 000000000..0b85edc07 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4d5c7854-e044-4dd6-971b-df433fa3ad37", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute Bits Out Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute Bits Out Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ERGatewayConnectionBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ERGatewayConnectionBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ERGatewayConnectionBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ERGatewayConnectionBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ERGatewayConnectionBitsOutPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json b/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json new file mode 100644 index 000000000..0f51e2321 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af1ba971-9b73-4b7f-8040-5eff9f5778d5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute CPU Utilization Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute CPU Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayCpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayCpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ExpressRouteGatewayCpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayCpuUtilization", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ExpressRouteGatewayCpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json b/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json new file mode 100644 index 000000000..8a54da935 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0fac138d-cf48-4dc2-ac02-053d0b24e620", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct LineProtocol Alert", + "description": "Policy to Audit/Deploy ER Direct LineProtocol Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "LineProtocol" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-LineProtocol')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts LineProtocol", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "LineProtocol", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "LineProtocol", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json b/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json new file mode 100644 index 000000000..aa31c2d89 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08dad105-6416-4348-9feb-339f73e24262", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct Connection BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy ER Direct Connection BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PortBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PortBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts PortBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PortBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "PortBitsInPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json b/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json new file mode 100644 index 000000000..c6bf07d3c --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ca29484c-b6e5-467e-984d-567e262380d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct Connection BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy ER Direct Connection BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PortBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PortBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts PortBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PortBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "PortBitsOutPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json new file mode 100644 index 000000000..115d472f9 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "bf37971c-60f4-4652-a059-7607b1d6d31b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct RxLightLevel Low Alert", + "description": "Policy to Audit/Deploy ER Direct RxLightLevel Low Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "-10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts RxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "RxLightLevel", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json new file mode 100644 index 000000000..349b7831e --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ceaeccae-ffa5-4c8c-8415-c7be8266977d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct RxLightLevel High Alert", + "description": "Policy to Audit/Deploy ER Direct RxLightLevel High Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts RxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "RxLightLevel", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json new file mode 100644 index 000000000..004f2c48d --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "378a85f8-f24c-4ce6-bfb0-eb5ccbd61768", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct TxLightLevel Low Alert", + "description": "Policy to Audit/Deploy ER Direct TxLightLevel Low Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "-10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts TxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "TxLightLevel", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json new file mode 100644 index 000000000..6ebe38930 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dee0e83f-8d5c-4735-9730-1a850354e4b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct TxLightLevel High Alert", + "description": "Policy to Audit/Deploy ER Direct TxLightLevel High Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts TxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "TxLightLevel", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json b/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json new file mode 100644 index 000000000..3c3ba94dc --- /dev/null +++ b/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "15a67b66-30eb-4d0f-aa98-7350304347d0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors BackendHealthPercentage Alert", + "description": "Policy to Audit/Deploy Network frontdoors BackendHealthPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendHealthPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendHealthPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors BackendHealthPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendHealthPercentage", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "BackendHealthPercentage", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json b/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json new file mode 100644 index 000000000..ac2f52a5d --- /dev/null +++ b/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4de0a96-9e79-4a03-a91c-cbd09ea3d29a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors BackendRequestLatency Alert", + "description": "Policy to Audit/Deploy Network frontdoors BackendRequestLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendRequestLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendRequestLatency-threshold-Override_'), field('tags._amba-BackendRequestLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendRequestLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors BackendRequestLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendRequestLatency", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "BackendRequestLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendRequestLatency-threshold-Override_'), field('tags._amba-BackendRequestLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json b/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json new file mode 100644 index 000000000..0bbac9508 --- /dev/null +++ b/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5ec4f863-ec6f-4fe8-b258-a53b3183138a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors RequestCount Alert", + "description": "Policy to Audit/Deploy Network frontdoors RequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors RequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestCount", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "RequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json b/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json new file mode 100644 index 000000000..b28395835 --- /dev/null +++ b/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1987b5a9-bbc3-43c6-af35-cd69e61fe043", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors TotalLatency Alert", + "description": "Policy to Audit/Deploy Network frontdoors TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "25000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json b/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json new file mode 100644 index 000000000..4a0f5c918 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5b64d91c-54de-4f8c-a5d6-054967f4ceaf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers AllocatedSnartPorts Alert", + "description": "Policy to Audit/Deploy Network loadBalancers AllocatedSnartPorts Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AllocatedSnartPorts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AllocatedSnartPorts-threshold-Override_'), field('tags._amba-AllocatedSnartPorts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AllocatedSnartPorts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers AllocatedSnartPorts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AllocatedSnartPorts", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "AllocatedSnartPorts", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AllocatedSnartPorts-threshold-Override_'), field('tags._amba-AllocatedSnartPorts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json b/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json new file mode 100644 index 000000000..dc148452c --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d15179b2-4b57-41e4-997b-dc7c380963d9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers Bytecount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers Bytecount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Bytecount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Bytecount-threshold-Override_'), field('tags._amba-Bytecount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Bytecount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers Bytecount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Bytecount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "Bytecount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Bytecount-threshold-Override_'), field('tags._amba-Bytecount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json b/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json new file mode 100644 index 000000000..723ec4fa6 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a39efd3b-04ef-48d4-a862-053092bdd6e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Health Probe Status Alert", + "description": "Policy to Audit/Deploy ALB Health Probe Status Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers DipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DipAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "DipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json b/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json new file mode 100644 index 000000000..739fa8c75 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "055c20da-0d21-4c6a-a80b-f2c4b3887804", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Global Backend Availability Alert", + "description": "Policy to Audit/Deploy ALB Global Backend Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "GlobalBackendAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-GlobalBackendAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers GlobalBackendAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "GlobalBackendAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "GlobalBackendAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json b/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json new file mode 100644 index 000000000..3ce463ed6 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers PacketCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers PacketCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketCount-threshold-Override_'), field('tags._amba-PacketCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers PacketCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "PacketCount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketCount-threshold-Override_'), field('tags._amba-PacketCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json b/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json new file mode 100644 index 000000000..882d71511 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "94c90db6-8fd7-460c-b704-c2a429913376", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers SYNCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers SYNCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SYNCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SYNCount-threshold-Override_'), field('tags._amba-SYNCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SYNCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers SYNCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SYNCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "SYNCount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SYNCount-threshold-Override_'), field('tags._amba-SYNCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json b/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json new file mode 100644 index 000000000..f0b1e1cb8 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "39d3123b-daaa-4f70-97a3-8a4f326104af", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers SnatConnectionCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers SnatConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SnatConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SnatConnectionCount-threshold-Override_'), field('tags._amba-SnatConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SnatConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers SnatConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SnatConnectionCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "SnatConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SnatConnectionCount-threshold-Override_'), field('tags._amba-SnatConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json b/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json new file mode 100644 index 000000000..1b38c9164 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a92cb746-f19f-450b-b413-8b9710b0176b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Used SNAT Ports Alert", + "description": "Policy to Audit/Deploy ALB Used SNAT Ports Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsedSNATPorts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsedSNATPorts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers UsedSNATPorts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsedSNATPorts", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "UsedSNATPorts", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json b/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json new file mode 100644 index 000000000..a6b6c5d49 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b239797f-e627-4e48-8609-94db72098c3d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Data Path Availability Alert", + "description": "Policy to Audit/Deploy ALB Data Path Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers VipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VipAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "VipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json b/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json new file mode 100644 index 000000000..15dc95b93 --- /dev/null +++ b/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e1808855-9a4d-464d-b75a-a41183c520bd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways ByteCount Alert", + "description": "Policy to Audit/Deploy Network natGateways ByteCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ByteCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ByteCount-threshold-Override_'), field('tags._amba-ByteCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ByteCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways ByteCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ByteCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "ByteCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ByteCount-threshold-Override_'), field('tags._amba-ByteCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json b/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json new file mode 100644 index 000000000..73489071c --- /dev/null +++ b/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways DatapathAvailability Alert", + "description": "Policy to Audit/Deploy Network natGateways DatapathAvailability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DatapathAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DatapathAvailability-threshold-Override_'), field('tags._amba-DatapathAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DatapathAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways DatapathAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DatapathAvailability", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "DatapathAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DatapathAvailability-threshold-Override_'), field('tags._amba-DatapathAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json b/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json new file mode 100644 index 000000000..69c723123 --- /dev/null +++ b/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "53bb49ec-ed5b-40c3-999b-efefa9be4536", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways PacketDropCount Alert", + "description": "Policy to Audit/Deploy Network natGateways PacketDropCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketDropCount-threshold-Override_'), field('tags._amba-PacketDropCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways PacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketDropCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "PacketDropCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketDropCount-threshold-Override_'), field('tags._amba-PacketDropCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json b/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json new file mode 100644 index 000000000..c5fd95bb0 --- /dev/null +++ b/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c2e410b-644e-4331-a55c-19bfdc3e4754", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways SNATConnectionCount Alert", + "description": "Policy to Audit/Deploy Network natGateways SNATConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SNATConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SNATConnectionCount-threshold-Override_'), field('tags._amba-SNATConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SNATConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways SNATConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SNATConnectionCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "SNATConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SNATConnectionCount-threshold-Override_'), field('tags._amba-SNATConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json b/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json new file mode 100644 index 000000000..46334a85b --- /dev/null +++ b/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c57f27b1-151c-4d27-a77e-b85547d817f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways TotalConnectionCount Alert", + "description": "Policy to Audit/Deploy Network natGateways TotalConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalConnectionCount-threshold-Override_'), field('tags._amba-TotalConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways TotalConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalConnectionCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "TotalConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalConnectionCount-threshold-Override_'), field('tags._amba-TotalConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json b/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json new file mode 100644 index 000000000..fc1e0f939 --- /dev/null +++ b/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_NSG_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log NSG Delete Alert", + "description": "Policy to Deploy Activity Log NSG Delete Alert", + "metadata": { + "version": "1.0.2", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkSecurityGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityNSGDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/networkSecurityGroups/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityNSGDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityNSGDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log NSG Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/networkSecurityGroups/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json b/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json new file mode 100644 index 000000000..5df2ff2d8 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "61cbc62a-1382-4581-850f-4ea69d8a9615", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors ChecksFailedPercent Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors ChecksFailedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ChecksFailedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ChecksFailedPercent-threshold-Override_'), field('tags._amba-ChecksFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ChecksFailedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors ChecksFailedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ChecksFailedPercent", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "ChecksFailedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ChecksFailedPercent-threshold-Override_'), field('tags._amba-ChecksFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json b/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json new file mode 100644 index 000000000..4cab0d3e7 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7659c9f8-c257-4f0b-a8d9-1ceae6177ff5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors ProbesFailedPercent Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors ProbesFailedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProbesFailedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProbesFailedPercent-threshold-Override_'), field('tags._amba-ProbesFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProbesFailedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors ProbesFailedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProbesFailedPercent", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "ProbesFailedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProbesFailedPercent-threshold-Override_'), field('tags._amba-ProbesFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json b/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json new file mode 100644 index 000000000..cc5799d81 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1744119b-cabb-4ac4-97c6-a61249a6c5be", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors RoundTripTimeMs Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors RoundTripTimeMs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RoundTripTimeMs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RoundTripTimeMs-threshold-Override_'), field('tags._amba-RoundTripTimeMs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RoundTripTimeMs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors RoundTripTimeMs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RoundTripTimeMs", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "RoundTripTimeMs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RoundTripTimeMs-threshold-Override_'), field('tags._amba-RoundTripTimeMs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json b/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json new file mode 100644 index 000000000..1e405a378 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "370ff9a8-11ea-469a-9f52-b1c39d61c39d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors TestResult Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors TestResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TestResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TestResult-threshold-Override_'), field('tags._amba-TestResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TestResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors TestResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TestResult", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "TestResult", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TestResult-threshold-Override_'), field('tags._amba-TestResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json b/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json new file mode 100644 index 000000000..4a02f4698 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4d219611-6487-4fcf-9bac-29cd9e5046a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Query Volume Alert", + "description": "Policy to Audit/Deploy PDNSZ Query Volume Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryVolume" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryVolume')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones QueryVolume", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryVolume", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "QueryVolume", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json b/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json new file mode 100644 index 000000000..50b667707 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "95473b2f-74ea-4929-bf22-f6f3be4ccbd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Record Set Capacity Alert", + "description": "Policy to Audit/Deploy PDNSZ Record Set Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones RecordSetCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "RecordSetCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json b/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json new file mode 100644 index 000000000..7e69abe12 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b410b69e-8bd5-44fe-899d-f4d5dce9931a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network privateDnsZones RecordSetCount Alert", + "description": "Policy to Audit/Deploy Network privateDnsZones RecordSetCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "18750" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCount-threshold-Override_'), field('tags._amba-RecordSetCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones RecordSetCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCount", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "RecordSetCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCount-threshold-Override_'), field('tags._amba-RecordSetCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json b/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json new file mode 100644 index 000000000..dc031bb39 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Capacity Utilization Alert", + "description": "Policy to Audit/Deploy PDNSZ Capacity Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VirtualNetworkLinkCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VirtualNetworkLinkCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones VirtualNetworkLinkCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VirtualNetworkLinkCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "VirtualNetworkLinkCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json b/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json new file mode 100644 index 000000000..dec22c520 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c064753f-ea6a-4940-b603-975adb5127ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Registration Capacity Utilization Alert", + "description": "Policy to Audit/Deploy PDNSZ Registration Capacity Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VirtualNetworkWithRegistrationCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VirtualNetworkWithRegistrationCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones VirtualNetworkWithRegistrationCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VirtualNetworkWithRegistrationCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "VirtualNetworkWithRegistrationCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json b/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json new file mode 100644 index 000000000..586299d95 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "652acaf1-c5a1-4a88-b3bb-822a14dece19", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP Bytes in DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP Bytes in DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesInDDoS-threshold-Override_'), field('tags._amba-BytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses BytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "BytesInDDoS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesInDDoS-threshold-Override_'), field('tags._amba-BytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json b/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json new file mode 100644 index 000000000..b653a5a71 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb9a5dd7-4ae2-4adf-ab11-95363032ee5d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IfUnderDDoSAttack" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IfUnderDDoSAttack')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses IfUnderDDoSAttack", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IfUnderDDoSAttack", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "IfUnderDDoSAttack", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json b/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json new file mode 100644 index 000000000..e651ff52f --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a78addf1-4632-4fc2-9afc-d1fb75049872", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP Packets in DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP Packets in DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses PacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "PacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json b/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json new file mode 100644 index 000000000..85cc42887 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses TCPBytesInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses TCPBytesInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TCPBytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TCPBytesInDDoS-threshold-Override_'), field('tags._amba-TCPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TCPBytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses TCPBytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TCPBytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "TCPBytesInDDoS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TCPBytesInDDoS-threshold-Override_'), field('tags._amba-TCPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json b/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json new file mode 100644 index 000000000..277a3e5e3 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "529b0b1f-46fc-423f-94ab-dd71dd7894e2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses TCPPacketsInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses TCPPacketsInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TCPPacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TCPPacketsInDDoS-threshold-Override_'), field('tags._amba-TCPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TCPPacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses TCPPacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TCPPacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "TCPPacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TCPPacketsInDDoS-threshold-Override_'), field('tags._amba-TCPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json b/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json new file mode 100644 index 000000000..b8317ea4a --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8020f41e-ca61-43b4-88ca-f520057dfa92", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses UDPBytesInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses UDPBytesInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UDPBytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UDPBytesInDDoS-threshold-Override_'), field('tags._amba-UDPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UDPBytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses UDPBytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UDPBytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "UDPBytesInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UDPBytesInDDoS-threshold-Override_'), field('tags._amba-UDPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json b/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json new file mode 100644 index 000000000..56be5c4af --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "27181c58-ca7a-433f-a0ee-a7a33102cb36", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses UDPPacketsInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses UDPPacketsInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UDPPacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UDPPacketsInDDoS-threshold-Override_'), field('tags._amba-UDPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UDPPacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses UDPPacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UDPPacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "UDPPacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UDPPacketsInDDoS-threshold-Override_'), field('tags._amba-UDPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json b/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json new file mode 100644 index 000000000..c7909bb2a --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7f4c355a-5411-4400-826a-b82007bbd83d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP VIP Availability Alert", + "description": "Policy to Audit/Deploy PIP VIP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses VipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VipAvailability", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "VipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json b/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json new file mode 100644 index 000000000..df93ee30a --- /dev/null +++ b/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_RouteTable_Update", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Route Table Update Alert", + "description": "Policy to Deploy Activity Log Route Table Update Alert", + "metadata": { + "version": "1.0.1", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/routeTables" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityUDRUpdate", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/routeTables/routes/write" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityUDRUpdate", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityUDRUpdate", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Route table update", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/routeTables/routes/write" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json b/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json new file mode 100644 index 000000000..99757a5c5 --- /dev/null +++ b/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dd3f294f-d12e-4e34-8f6a-c304d3d977e2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId Alert", + "description": "Policy to Audit/Deploy Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProbeAgentCurrentEndpointStateByProfileResourceId" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/trafficmanagerprofiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), field('tags._amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProbeAgentCurrentEndpointStateByProfileResourceId')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProbeAgentCurrentEndpointStateByProfileResourceId", + "metricNamespace": "Microsoft.Network/trafficmanagerprofiles", + "metricName": "ProbeAgentCurrentEndpointStateByProfileResourceId", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), field('tags._amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json b/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json new file mode 100644 index 000000000..669b9b38d --- /dev/null +++ b/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f4699243-1ba2-49a8-85f8-c4a22a563925", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network trafficmanagerprofiles QpsByEndpoint Alert", + "description": "Policy to Audit/Deploy Network trafficmanagerprofiles QpsByEndpoint Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QpsByEndpoint" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/trafficmanagerprofiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QpsByEndpoint-threshold-Override_'), field('tags._amba-QpsByEndpoint-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QpsByEndpoint')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network trafficmanagerprofiles QpsByEndpoint", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QpsByEndpoint", + "metricNamespace": "Microsoft.Network/trafficmanagerprofiles", + "metricName": "QpsByEndpoint", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QpsByEndpoint-threshold-Override_'), field('tags._amba-QpsByEndpoint-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json b/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json new file mode 100644 index 000000000..4df33f43f --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88642ff7-6c08-486a-9bf2-37764d5bf6a3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network virtualNetworkGateways AverageBandwidth Alert", + "description": "Policy to Audit/Deploy Network virtualNetworkGateways AverageBandwidth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "450000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageBandwidth-threshold-Override_'), field('tags._amba-AverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways AverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageBandwidth", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "AverageBandwidth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageBandwidth-threshold-Override_'), field('tags._amba-AverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json new file mode 100644 index 000000000..9f2b9dc81 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c3c25d2-7473-4d0c-9174-609162571859", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG ExpressRoute Bits Per Second Alert", + "description": "Policy to Audit/Deploy VNetG ExpressRoute Bits Per Second Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayBitsPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayBitsPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways ExpressRouteGatewayBitsPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayBitsPerSecond", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "ExpressRouteGatewayBitsPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json new file mode 100644 index 000000000..07a0fc9b2 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "56491bc7-1267-42a2-92c6-fe9efe822ff1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG ExpressRoute CPU Utilization Alert", + "description": "Policy to Audit/Deploy VNetG ExpressRoute CPU Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayCpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayCpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways ExpressRouteGatewayCpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayCpuUtilization", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "ExpressRouteGatewayCpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json new file mode 100644 index 000000000..00de94b76 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "09bb7f01-a715-437d-b692-325f89e1869e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Bandwidth Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Bandwidth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelAverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelAverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelAverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelAverageBandwidth", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelAverageBandwidth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json new file mode 100644 index 000000000..09aa39e4d --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "092f6e09-1eb5-436d-b7c2-eadb70318920", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Egress Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressBytes", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json new file mode 100644 index 000000000..03ae39e51 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6f02e3e8-9bfa-4312-a352-6506139e3dba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropCount", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json new file mode 100644 index 000000000..f65a3402c --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ca909c09-89c4-467e-bdca-9140e72d6c82", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json new file mode 100644 index 000000000..3a98b4a8d --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a34fa329-da3e-4947-8d06-9bd2bee6c8a7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Ingress Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressBytes", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json new file mode 100644 index 000000000..244500dd1 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b511650f-535c-45d1-a089-0ea402245deb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Ingress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Ingress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropCount", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json new file mode 100644 index 000000000..a13d83799 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1cc4a539-e4bf-40e8-a280-f4e9e178fb51", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json b/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json new file mode 100644 index 000000000..d63b8a5e3 --- /dev/null +++ b/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "72dea6f4-858c-423f-8189-406aac7d20ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNet DDoS Attack Alert", + "description": "Policy to Audit/Deploy VNet DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworks" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworks" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IfUnderDDoSAttack" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IfUnderDDoSAttack')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworks IfUnderDDoSAttack", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IfUnderDDoSAttack", + "metricNamespace": "Microsoft.Network/virtualNetworks", + "metricName": "IfUnderDDoSAttack", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json b/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json new file mode 100644 index 000000000..07d6f40c5 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json @@ -0,0 +1,259 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_VPNGateway_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log VPN Gateway Delete Alert", + "description": "Policy to Deploy Activity Log VPN Gateway Delete Alert", + "metadata": { + "version": "1.0.1", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/vpnGateways/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityVPNGatewayDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityVPNGatewayDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log VPN Gateway Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/vpnGateways/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json b/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json new file mode 100644 index 000000000..84628f4cc --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0ea832c-aae8-42c0-ad83-0bb13d66d56e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG BGP Peer Status Alert", + "description": "Policy to Audit/Deploy VPNG BGP Peer Status Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BgpPeerStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BgpPeerStatus-threshold-Override_'), field('tags._amba-BgpPeerStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BgpPeerStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways BgpPeerStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BgpPeerStatus", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "BgpPeerStatus", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BgpPeerStatus-threshold-Override_'), field('tags._amba-BgpPeerStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json b/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json new file mode 100644 index 000000000..fd0ce0254 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d74fd111-125f-45b8-8bbc-e23bd40aa869", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Bandwidth Utilization Alert", + "description": "Policy to Audit/Deploy VPNG Bandwidth Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelAverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelAverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelAverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelAverageBandwidth", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelAverageBandwidth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json b/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json new file mode 100644 index 000000000..1f6ed40ea --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cd3b834d-f34f-4a67-af01-b1c5d32195a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Alert", + "description": "Policy to Audit/Deploy VPNG Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressBytes", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json new file mode 100644 index 000000000..50f7bb0cd --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c5ae6d80-59db-4087-8e9b-0df36c54ebe9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VPNG Egress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropCount", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json new file mode 100644 index 000000000..eff432109 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7b361791-127e-4a6f-9c1b-c8d9f41ec223", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VPNG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json b/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json new file mode 100644 index 000000000..8d074f667 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a05d97b8-37b9-4100-a860-d57363aaaf5f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Ingress Alert", + "description": "Policy to Audit/Deploy VPNG Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressBytes", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json new file mode 100644 index 000000000..084e9dd16 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c2c9a09d-7fad-4c67-9a29-4c2c376a7214", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Ingress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Ingress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropCount", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json new file mode 100644 index 000000000..f98e17853 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7affb4da-2058-4f12-b15b-ca58e92b63e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Ingress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VPNG Ingress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json new file mode 100644 index 000000000..3dbbf74c5 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json @@ -0,0 +1,259 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_LAWorkspace_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log LA Workspace Delete Alert", + "description": "Policy to Deploy Activity Log LA Workspace Delete Alert", + "metadata": { + "version": "1.0.3", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityLAWorkspaceDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.OperationalInsights/workspaces/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityLAWorkspaceDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityLAWorkspaceDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log LA Workspace Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.OperationalInsights/workspaces/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json new file mode 100644 index 000000000..3375d7868 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_LAWorkspace_KeyRegen", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log LA Workspace Regenerate Key Alert", + "description": "Policy to Deploy Activity Log LA Workspace Regenerate Key Alert", + "metadata": { + "version": "1.0.2", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityLAWorkspaceRegenKey", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityLAWorkspaceRegenKey", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityLAWorkspaceRegenKey", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log LA Workspace Regenerate Key", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json new file mode 100644 index 000000000..f2ee407a3 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "99ba0b14-4b3c-49b5-8763-3161b9aae538", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Available MBytes Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Available MBytes Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Available MBytes Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Available MBytes Memory-threshold-Override_'), field('tags._amba-Average_Available MBytes Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Available MBytes Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Available MBytes Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Available MBytes Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Available MBytes Memory", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Available MBytes Memory-threshold-Override_'), field('tags._amba-Average_Available MBytes Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json new file mode 100644 index 000000000..0187c0591 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0c5e86f-eb2d-41ea-a4a0-9819ad841c70", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Available MBytes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Available MBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "512" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Available MBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Available MBytes-threshold-Override_'), field('tags._amba-Average_Available MBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Available MBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Available MBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Available MBytes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Available MBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Available MBytes-threshold-Override_'), field('tags._amba-Average_Available MBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json new file mode 100644 index 000000000..982eac637 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "91044c16-83bc-457f-80a9-360bad5dedb4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Available Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Available Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Available Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Available Memory-threshold-Override_'), field('tags._amba-Average_% Available Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Available Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Available Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Available Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Available Memory", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Available Memory-threshold-Override_'), field('tags._amba-Average_% Available Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json new file mode 100644 index 000000000..580344945 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8b472051-ff68-4059-9e50-243bfb64bae4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Avg. Disk sec/Read Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Avg. Disk sec/Read Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.04" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Avg. Disk sec/Read" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Read-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Read-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Avg. Disk sec/Read')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Avg. Disk sec/Read", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Avg. Disk sec/Read", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Avg. Disk sec/Read", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Read-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Read-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json new file mode 100644 index 000000000..6f8a43b37 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aad0e64e-3cda-45bf-b6bd-8cff29ee35e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Avg. Disk sec/Write Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Avg. Disk sec/Write Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.04" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Avg. Disk sec/Write" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Write-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Write-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Avg. Disk sec/Write')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Avg. Disk sec/Write", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Avg. Disk sec/Write", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Avg. Disk sec/Write", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Write-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Write-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json b/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json new file mode 100644 index 000000000..32b387c66 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "60ec2790-dc83-419c-bdb5-38da9a477c68", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Bytes Received/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Bytes Received/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Bytes Received/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Bytes Received/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Bytes Received/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Bytes Received/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Bytes Received/sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json b/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json new file mode 100644 index 000000000..ea314669e --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "de6d5087-bc5a-474f-9319-248a3c03ab44", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Bytes Sent/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Bytes Sent/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Bytes Sent/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Bytes Sent/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Bytes Sent/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Bytes Sent/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Bytes Sent/sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json b/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json new file mode 100644 index 000000000..1a7cae043 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a70e406c-a0ae-4e0f-99cd-8b0836812c59", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Committed Bytes In Use Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Committed Bytes In Use Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Committed Bytes In Use" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Committed Bytes In Use-threshold-Override_'), field('tags._amba-Average_% Committed Bytes In Use-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Committed Bytes In Use')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Committed Bytes In Use", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Committed Bytes In Use", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Committed Bytes In Use", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Committed Bytes In Use-threshold-Override_'), field('tags._amba-Average_% Committed Bytes In Use-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json b/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json new file mode 100644 index 000000000..d72c89929 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08a4f049-9bb8-45d0-9dfb-320f385cc71f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Current Disk Queue Length Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Current Disk Queue Length Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Current Disk Queue Length" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Current Disk Queue Length-threshold-Override_'), field('tags._amba-Average_Current Disk Queue Length-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Current Disk Queue Length')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Current Disk Queue Length", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Current Disk Queue Length", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Current Disk Queue Length", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Current Disk Queue Length-threshold-Override_'), field('tags._amba-Average_Current Disk Queue Length-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json b/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json new file mode 100644 index 000000000..bc47b0cfe --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30b462dd-d026-4122-9bcf-3a114517e04c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Disk Transfers/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Disk Transfers/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Disk Transfers/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Disk Transfers/sec-threshold-Override_'), field('tags._amba-Average_Disk Transfers/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Disk Transfers/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Disk Transfers/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Disk Transfers/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Disk Transfers/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Disk Transfers/sec-threshold-Override_'), field('tags._amba-Average_Disk Transfers/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json b/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json new file mode 100644 index 000000000..3f23de211 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "969677fe-d1e0-42f6-92af-c9269780411b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Free Megabytes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Free Megabytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Free Megabytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Free Megabytes-threshold-Override_'), field('tags._amba-Average_Free Megabytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Free Megabytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Free Megabytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Free Megabytes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Free Megabytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Free Megabytes-threshold-Override_'), field('tags._amba-Average_Free Megabytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json b/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json new file mode 100644 index 000000000..7e488d2c4 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "db621663-ec0a-4fa3-82a7-b6b110726568", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Free Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Free Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Free Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Free Space-threshold-Override_'), field('tags._amba-Average_% Free Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Free Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Free Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Free Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Free Space", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Free Space-threshold-Override_'), field('tags._amba-Average_% Free Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json b/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json new file mode 100644 index 000000000..29230fc1a --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1116a5eb-9e12-415a-af46-fad552421d36", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% IO Wait Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% IO Wait Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% IO Wait Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% IO Wait Time-threshold-Override_'), field('tags._amba-Average_% IO Wait Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% IO Wait Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% IO Wait Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% IO Wait Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% IO Wait Time", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% IO Wait Time-threshold-Override_'), field('tags._amba-Average_% IO Wait Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json b/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json new file mode 100644 index 000000000..9b5fd00c6 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "732c0a7b-ac17-47cb-bf78-2ebaa839fa0d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Idle Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Idle Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Idle Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Idle Time-threshold-Override_'), field('tags._amba-Average_% Idle Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Idle Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Idle Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Idle Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Idle Time", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Idle Time-threshold-Override_'), field('tags._amba-Average_% Idle Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json b/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json new file mode 100644 index 000000000..7a6d9e2bd --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88b7198b-32a5-4ae2-aaa5-7925066cc08c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Pages/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Pages/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Pages/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Pages/sec-threshold-Override_'), field('tags._amba-Average_Pages/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Pages/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Pages/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Pages/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Pages/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Pages/sec-threshold-Override_'), field('tags._amba-Average_Pages/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json b/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json new file mode 100644 index 000000000..e933ef121 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0c416177-e7ce-40d5-8f15-8566b3d7c03c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Processor Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Processor Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Processor Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Processor Time-threshold-Override_'), field('tags._amba-Average_% Processor Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Processor Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Processor Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Processor Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Processor Time", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Processor Time-threshold-Override_'), field('tags._amba-Average_% Processor Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json new file mode 100644 index 000000000..512045a3f --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "593b6885-3fb8-4562-89f1-8b0b68649185", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Total Bytes Received Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Total Bytes Received Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Total Bytes Received" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Total Bytes Received')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Total Bytes Received", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Total Bytes Received", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Total Bytes Received", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json new file mode 100644 index 000000000..cd2fe599d --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "76583e85-8be6-4d02-8e09-aff0ce8574f8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Total Bytes Transmitted Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Total Bytes Transmitted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Total Bytes Transmitted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Total Bytes Transmitted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Total Bytes Transmitted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Total Bytes Transmitted", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Total Bytes Transmitted", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json new file mode 100644 index 000000000..efaeacf65 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af5d055f-0e1f-4c48-808a-d21f8268357d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Inodes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Inodes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Inodes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Inodes-threshold-Override_'), field('tags._amba-Average_% Used Inodes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Inodes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Inodes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Inodes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Inodes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Inodes-threshold-Override_'), field('tags._amba-Average_% Used Inodes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json new file mode 100644 index 000000000..90e658df2 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "171e5b5c-78cc-44a1-b7fb-7d750914ed5e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Memory-threshold-Override_'), field('tags._amba-Average_% Used Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Memory", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Memory-threshold-Override_'), field('tags._amba-Average_% Used Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json new file mode 100644 index 000000000..8c0180f68 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49ba0df7-18bf-4b3e-9d0f-f8c055762fd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Space-threshold-Override_'), field('tags._amba-Average_% Used Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Space", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Space-threshold-Override_'), field('tags._amba-Average_% Used Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json new file mode 100644 index 000000000..defe36522 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "04f64694-48a2-48ee-9455-ccce8e59b66f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Swap Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Swap Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Swap Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Swap Space-threshold-Override_'), field('tags._amba-Average_% Used Swap Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Swap Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Swap Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Swap Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Swap Space", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Swap Space-threshold-Override_'), field('tags._amba-Average_% Used Swap Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json b/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json new file mode 100644 index 000000000..7338aeb4e --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8140cdb-5492-4177-881f-8668372947a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% User Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% User Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% User Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% User Time-threshold-Override_'), field('tags._amba-Average_% User Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% User Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% User Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% User Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% User Time", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% User Time-threshold-Override_'), field('tags._amba-Average_% User Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json b/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json new file mode 100644 index 000000000..a413a77c7 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0b608189-b028-4851-8854-9ce1a48c3dd6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Event Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Event Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Event" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Event-threshold-Override_'), field('tags._amba-Event-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Event')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Event", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Event", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Event", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Event-threshold-Override_'), field('tags._amba-Event-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json b/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json new file mode 100644 index 000000000..08e28f3f7 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "83703f70-9ea8-44aa-b88a-a8e56eb42858", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Heartbeat Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Heartbeat Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Heartbeat" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Heartbeat-threshold-Override_'), field('tags._amba-Heartbeat-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Heartbeat')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Heartbeat", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Heartbeat", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Heartbeat", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Heartbeat-threshold-Override_'), field('tags._amba-Heartbeat-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json b/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json new file mode 100644 index 000000000..5082fdd00 --- /dev/null +++ b/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2993107e-d54f-4fc4-af7a-6a9bc6b4ea46", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PowerBIDedicated capacities cpu_metric Alert", + "description": "Policy to Audit/Deploy PowerBIDedicated capacities cpu_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "PowerBIDedicated", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.PowerBIDedicated/capacities" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.PowerBIDedicated/capacities" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.PowerBIDedicated/capacities/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_metric-threshold-Override_'), field('tags._amba-cpu_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for PowerBIDedicated capacities cpu_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_metric", + "metricNamespace": "Microsoft.PowerBIDedicated/capacities", + "metricName": "cpu_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_metric-threshold-Override_'), field('tags._amba-cpu_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json b/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json new file mode 100644 index 000000000..1ebfa6c4d --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8f9b2819-9c51-4f30-91fd-195b7bc5d7a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RecoveryServices vaults BackupHealthEvent Alert", + "description": "Policy to Audit/Deploy RecoveryServices vaults BackupHealthEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "RecoveryServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackupHealthEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.RecoveryServices/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackupHealthEvent-threshold-Override_'), field('tags._amba-BackupHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackupHealthEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for RecoveryServices vaults BackupHealthEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackupHealthEvent", + "metricNamespace": "Microsoft.RecoveryServices/vaults", + "metricName": "BackupHealthEvent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackupHealthEvent-threshold-Override_'), field('tags._amba-BackupHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json b/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json new file mode 100644 index 000000000..1511c77a6 --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json @@ -0,0 +1,82 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RV Backup Health Monitoring Alerts", + "description": "Policy to audit/update Recovery Vault Backup Health Alerting to Azure monitor alerts", + "metadata": { + "version": "1.0.0", + "category": "Site Recovery", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "modify", + "audit", + "disabled" + ], + "defaultValue": "modify" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/Vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + }, + { + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", + "notEquals": "Enabled" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "conflictEffect": "audit", + "operations": [ + { + "operation": "addOrReplace", + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.classicAlertSettings.alertsForCriticalOperations", + "value": "Disabled" + }, + { + "operation": "addOrReplace", + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", + "value": "Enabled" + } + ] + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json b/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json new file mode 100644 index 000000000..8f0682485 --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "805aa9c8-4d52-411d-9811-cc02b33952e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RecoveryServices vaults RestoreHealthEvent Alert", + "description": "Policy to Audit/Deploy RecoveryServices vaults RestoreHealthEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "RecoveryServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RestoreHealthEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.RecoveryServices/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RestoreHealthEvent-threshold-Override_'), field('tags._amba-RestoreHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RestoreHealthEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for RecoveryServices vaults RestoreHealthEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RestoreHealthEvent", + "metricNamespace": "Microsoft.RecoveryServices/vaults", + "metricName": "RestoreHealthEvent", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RestoreHealthEvent-threshold-Override_'), field('tags._amba-RestoreHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json b/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json new file mode 100644 index 000000000..352e2091a --- /dev/null +++ b/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "25a1c11a-3ec4-47aa-b67e-f359fd14483a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Relay namespaces ActiveListeners Alert", + "description": "Policy to Audit/Deploy Relay namespaces ActiveListeners Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Relay", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Relay/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Relay/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveListeners" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Relay/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveListeners-threshold-Override_'), field('tags._amba-ActiveListeners-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveListeners')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Relay namespaces ActiveListeners", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveListeners", + "metricNamespace": "Microsoft.Relay/namespaces", + "metricName": "ActiveListeners", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveListeners-threshold-Override_'), field('tags._amba-ActiveListeners-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json b/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json new file mode 100644 index 000000000..a28d1e22e --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json @@ -0,0 +1,408 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ResourceHealth_Unhealthy_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Resource Health Unhealthy Alert", + "description": "Policy to Deploy Resource Health Unhealthy Alert", + "metadata": { + "version": "1.1.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ResourceHealth" + } + ] + } + ] + } + }, + "equals": 1 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ResourceHealtAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ResourceHealthUnhealthyAlert", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]", + "webhookProperties": {} + } + ] + }, + "description": "Resource Health Unhealthy Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ResourceHealth" + }, + { + "anyOf": [ + { + "field": "properties.cause", + "equals": "PlatformInitiated" + }, + { + "field": "properties.cause", + "equals": "UserInitiated" + } + ] + }, + { + "anyOf": [ + { + "field": "properties.currentHealthStatus", + "equals": "Degraded" + }, + { + "field": "properties.currentHealthStatus", + "equals": "Unavailable" + } + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ResourceHealthUnhealthyAlert", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Resource Health Unhealthy Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ResourceHealth" + }, + { + "anyOf": [ + { + "field": "properties.cause", + "equals": "PlatformInitiated" + }, + { + "field": "properties.cause", + "equals": "UserInitiated" + } + ] + }, + { + "anyOf": [ + { + "field": "properties.currentHealthStatus", + "equals": "Degraded" + }, + { + "field": "properties.currentHealthStatus", + "equals": "Unavailable" + } + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json b/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json new file mode 100644 index 000000000..e4484ec19 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_HealthAdvisory", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Advisory Alert", + "description": "Policy to Deploy Service Health Advisory Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ActionRequired" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthHealth", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthAdvisoryEvent", + "location": "Global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Advisory Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "ActionRequired" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthAdvisoryEvent", + "location": "Global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Advisory Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "ActionRequired" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json b/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json new file mode 100644 index 000000000..717cce406 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_Incident", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Incident Alert", + "description": "Policy to Deploy Service Health Incident Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Incident" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthIncident", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Incident Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Incident" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Incident Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Incident" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json b/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json new file mode 100644 index 000000000..f37a7e740 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_Maintenance", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Maintenance Alert", + "description": "Policy to Deploy Service Health Maintenance Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Maintenance" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthMaintenance", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthPlannedMaintenance", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Planned Maintenance Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Maintenance" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthPlannedMaintenance", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Planned Maintenance Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Maintenance" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json b/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json new file mode 100644 index 000000000..f361cc28e --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_SecurityAdvisory", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Security Advisory Alert", + "description": "Policy to Deploy Service Health Security Advisory Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Security" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceSecurityIncident", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthSecurityIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Security Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Security" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthSecurityIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Security Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Security" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json b/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json new file mode 100644 index 000000000..3a952b4c7 --- /dev/null +++ b/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d3985fe5-c7f0-47a1-b52e-26098345a433", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Search searchServices SearchLatency Alert", + "description": "Policy to Audit/Deploy Search searchServices SearchLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Search", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SearchLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Search/searchServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SearchLatency-threshold-Override_'), field('tags._amba-SearchLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SearchLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Search searchServices SearchLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SearchLatency", + "metricNamespace": "Microsoft.Search/searchServices", + "metricName": "SearchLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SearchLatency-threshold-Override_'), field('tags._amba-SearchLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json b/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json new file mode 100644 index 000000000..1be820097 --- /dev/null +++ b/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7a044f2f-f38f-4f13-82eb-c7f49bf17ad0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Search searchServices ThrottledSearchQueriesPercentage Alert", + "description": "Policy to Audit/Deploy Search searchServices ThrottledSearchQueriesPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Search", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledSearchQueriesPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Search/searchServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledSearchQueriesPercentage-threshold-Override_'), field('tags._amba-ThrottledSearchQueriesPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledSearchQueriesPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Search searchServices ThrottledSearchQueriesPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledSearchQueriesPercentage", + "metricNamespace": "Microsoft.Search/searchServices", + "metricName": "ThrottledSearchQueriesPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledSearchQueriesPercentage-threshold-Override_'), field('tags._amba-ThrottledSearchQueriesPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json b/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json new file mode 100644 index 000000000..e107f6626 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "172396a9-27f0-4c01-9510-94ba4a0d4738", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces AbandonMessage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces AbandonMessage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AbandonMessage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AbandonMessage-threshold-Override_'), field('tags._amba-AbandonMessage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AbandonMessage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces AbandonMessage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AbandonMessage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "AbandonMessage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AbandonMessage-threshold-Override_'), field('tags._amba-AbandonMessage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json b/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json new file mode 100644 index 000000000..487c08e9a --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "784a29e7-5799-4fde-90ee-b6ebcb2a8747", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ActiveConnections Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ActiveConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveConnections-threshold-Override_'), field('tags._amba-ActiveConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ActiveConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveConnections", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ActiveConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveConnections-threshold-Override_'), field('tags._amba-ActiveConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json b/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json new file mode 100644 index 000000000..e1b0d929b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0b3362f7-b1ff-4d78-8c25-f14ee9300ae1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ActiveMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ActiveMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveMessages-threshold-Override_'), field('tags._amba-ActiveMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ActiveMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ActiveMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveMessages-threshold-Override_'), field('tags._amba-ActiveMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json b/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json new file mode 100644 index 000000000..14d008b4b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "868a7fc3-9c5c-4fb4-9289-fbe10dd4db82", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces DeadletteredMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces DeadletteredMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadletteredMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadletteredMessages-threshold-Override_'), field('tags._amba-DeadletteredMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadletteredMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces DeadletteredMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadletteredMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "DeadletteredMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadletteredMessages-threshold-Override_'), field('tags._amba-DeadletteredMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json b/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json new file mode 100644 index 000000000..27007076b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c1095936-da8d-4c63-ac70-cf97d5b1f630", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces IncomingMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces IncomingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces IncomingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "IncomingMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json b/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json new file mode 100644 index 000000000..0f43f3e8d --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "67872571-d13d-4123-81c5-60404c4eea45", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces Messages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces Messages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Messages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Messages-threshold-Override_'), field('tags._amba-Messages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Messages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces Messages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Messages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "Messages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Messages-threshold-Override_'), field('tags._amba-Messages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json b/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json new file mode 100644 index 000000000..3b2a72470 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "52ec94f5-0d89-434b-9d51-df92d69ba284", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces NamespaceCpuUsage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces NamespaceCpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceCpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceCpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces NamespaceCpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceCpuUsage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "NamespaceCpuUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json b/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json new file mode 100644 index 000000000..f46a6c9fa --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "860d21ea-8c6a-4c78-ac40-f556eb02c3ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces NamespaceMemoryUsage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces NamespaceMemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceMemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceMemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces NamespaceMemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceMemoryUsage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "NamespaceMemoryUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json b/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json new file mode 100644 index 000000000..f108336d0 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fdde6805-edf8-4277-adb8-ad2f44e3f977", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces OutgoingMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces OutgoingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces OutgoingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "OutgoingMessages", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json b/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json new file mode 100644 index 000000000..3b5c02217 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5543b815-f2c8-420e-847e-7507a9724557", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ScheduledMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ScheduledMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ScheduledMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ScheduledMessages-threshold-Override_'), field('tags._amba-ScheduledMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ScheduledMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ScheduledMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ScheduledMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ScheduledMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ScheduledMessages-threshold-Override_'), field('tags._amba-ScheduledMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json b/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json new file mode 100644 index 000000000..882db5a26 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c51c3514-1730-42f3-b8ae-f2980bd22d83", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ServerErrors Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json b/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json new file mode 100644 index 000000000..2f6a50163 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "487c6beb-1468-4167-8eb6-e9b3ad8743b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ServerSendLatency Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ServerSendLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSendLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSendLatency-threshold-Override_'), field('tags._amba-ServerSendLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSendLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ServerSendLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSendLatency", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ServerSendLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSendLatency-threshold-Override_'), field('tags._amba-ServerSendLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json b/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json new file mode 100644 index 000000000..71cff27aa --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "950586ee-6926-4483-96d4-82838afe1ca6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces Size Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces Size Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Size" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Size-threshold-Override_'), field('tags._amba-Size-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Size')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces Size", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Size", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "Size", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Size-threshold-Override_'), field('tags._amba-Size-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json b/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json new file mode 100644 index 000000000..06118eef2 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "19785707-24c9-4852-b92a-31732b86ee04", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ThrottledRequests Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ThrottledRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ThrottledRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledRequests", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ThrottledRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json b/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json new file mode 100644 index 000000000..c1c7cf079 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a57a1cc4-4ec9-4d8f-a81d-7e18afe54948", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces UserErrors Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces UserErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UserErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UserErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces UserErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UserErrors", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "UserErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json b/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json new file mode 100644 index 000000000..297324ebf --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b7581df7-f127-405e-9408-9d484122be74", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR ConnectionCount Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR ConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConnectionCount-threshold-Override_'), field('tags._amba-ConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR ConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConnectionCount", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "ConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConnectionCount-threshold-Override_'), field('tags._amba-ConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json b/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json new file mode 100644 index 000000000..1ec1b7c29 --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c7567682-8723-4426-8c27-848a9cc634d0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR ConnectionQuotaUtilization Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR ConnectionQuotaUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConnectionQuotaUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConnectionQuotaUtilization-threshold-Override_'), field('tags._amba-ConnectionQuotaUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConnectionQuotaUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR ConnectionQuotaUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConnectionQuotaUtilization", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "ConnectionQuotaUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConnectionQuotaUtilization-threshold-Override_'), field('tags._amba-ConnectionQuotaUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json b/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json new file mode 100644 index 000000000..c7fdda841 --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "58f62f20-b9ba-472c-a2a4-37b53ed3e21d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR SystemErrors Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR SystemErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SystemErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SystemErrors-threshold-Override_'), field('tags._amba-SystemErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SystemErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR SystemErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SystemErrors", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "SystemErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SystemErrors-threshold-Override_'), field('tags._amba-SystemErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json b/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json new file mode 100644 index 000000000..7e92a6243 --- /dev/null +++ b/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfd37715-0d5c-4ec5-98ae-836cd626a27f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql managedInstances avg_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql managedInstances avg_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "avg_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/managedInstances/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-avg_cpu_percent-threshold-Override_'), field('tags._amba-avg_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-avg_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql managedInstances avg_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "avg_cpu_percent", + "metricNamespace": "Microsoft.Sql/managedInstances", + "metricName": "avg_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-avg_cpu_percent-threshold-Override_'), field('tags._amba-avg_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json b/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json new file mode 100644 index 000000000..5ce7752a3 --- /dev/null +++ b/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "641ca3dc-a00f-43ac-b6bd-4f5d16f35cac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql managedInstances storage_space_used_mb Alert", + "description": "Policy to Audit/Deploy Sql managedInstances storage_space_used_mb Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_space_used_mb" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/managedInstances/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_space_used_mb-threshold-Override_'), field('tags._amba-storage_space_used_mb-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_space_used_mb')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql managedInstances storage_space_used_mb", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_space_used_mb", + "metricNamespace": "Microsoft.Sql/managedInstances", + "metricName": "storage_space_used_mb", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_space_used_mb-threshold-Override_'), field('tags._amba-storage_space_used_mb-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json b/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json new file mode 100644 index 000000000..f5277a5f2 --- /dev/null +++ b/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3743016a-a056-43fe-b53a-36dd9a17626d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools allocated_data_storage Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools allocated_data_storage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "225000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allocated_data_storage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allocated_data_storage-threshold-Override_'), field('tags._amba-allocated_data_storage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allocated_data_storage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools allocated_data_storage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allocated_data_storage", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "allocated_data_storage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allocated_data_storage-threshold-Override_'), field('tags._amba-allocated_data_storage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json b/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json new file mode 100644 index 000000000..9e1a2bdb3 --- /dev/null +++ b/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7e9d0710-3243-4cf2-8b73-6be1539b8545", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools allocated_data_storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools allocated_data_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allocated_data_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allocated_data_storage_percent-threshold-Override_'), field('tags._amba-allocated_data_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allocated_data_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools allocated_data_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allocated_data_storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "allocated_data_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allocated_data_storage_percent-threshold-Override_'), field('tags._amba-allocated_data_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json b/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json new file mode 100644 index 000000000..befeebc66 --- /dev/null +++ b/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "05591510-5fe2-454a-96d8-bbda8201c6a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases app_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases app_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "app_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-app_cpu_percent-threshold-Override_'), field('tags._amba-app_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-app_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases app_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "app_cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "app_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-app_cpu_percent-threshold-Override_'), field('tags._amba-app_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json b/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json new file mode 100644 index 000000000..8d13090dc --- /dev/null +++ b/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c5c95fe9-a4b4-4afa-a07a-a0d18804d416", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases app_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases app_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "app_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-app_memory_percent-threshold-Override_'), field('tags._amba-app_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-app_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases app_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "app_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "app_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-app_memory_percent-threshold-Override_'), field('tags._amba-app_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json b/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json new file mode 100644 index 000000000..578d38fcb --- /dev/null +++ b/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2cda2f3a-8657-431a-a50f-56835aea9a81", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases blocked_by_firewall Alert", + "description": "Policy to Audit/Deploy Sql servers databases blocked_by_firewall Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "blocked_by_firewall" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-blocked_by_firewall-threshold-Override_'), field('tags._amba-blocked_by_firewall-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-blocked_by_firewall')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases blocked_by_firewall", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "blocked_by_firewall", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "blocked_by_firewall", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-blocked_by_firewall-threshold-Override_'), field('tags._amba-blocked_by_firewall-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json b/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json new file mode 100644 index 000000000..7cdfe4b8f --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7157dc17-9d5a-4835-a122-1d0d904d61ff", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_failed Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connection_failed-threshold-Override_'), field('tags._amba-connection_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_failed", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connection_failed-threshold-Override_'), field('tags._amba-connection_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json b/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json new file mode 100644 index 000000000..ac14532cf --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d528ffcb-3a99-4356-96d1-981499139ffb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_failed_user_error Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_failed_user_error Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_failed_user_error" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connection_failed_user_error-threshold-Override_'), field('tags._amba-connection_failed_user_error-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_failed_user_error')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_failed_user_error", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_failed_user_error", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_failed_user_error", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connection_failed_user_error-threshold-Override_'), field('tags._amba-connection_failed_user_error-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json b/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json new file mode 100644 index 000000000..0f3625abe --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "460b6b29-a602-4409-b748-6b47b232a984", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_successful Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_successful Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_successful" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 5 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 5 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_successful')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_successful", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_successful", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_successful", + "operator": "LessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 5, + "numberOfEvaluationPeriods": 5 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json b/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json new file mode 100644 index 000000000..060e0aadc --- /dev/null +++ b/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "805c4ae5-a852-43bd-ad1c-0f7f381d8f32", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json b/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json new file mode 100644 index 000000000..adcb3b085 --- /dev/null +++ b/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3ddd3f95-989c-4777-b6b8-728439aae1df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases cpu_used Alert", + "description": "Policy to Audit/Deploy Sql servers databases cpu_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_used-threshold-Override_'), field('tags._amba-cpu_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases cpu_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_used", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "cpu_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_used-threshold-Override_'), field('tags._amba-cpu_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json b/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json new file mode 100644 index 000000000..e7fd36b35 --- /dev/null +++ b/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ce44fc81-3610-4165-a107-9dd4b8ab3972", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases deadlock Alert", + "description": "Policy to Audit/Deploy Sql servers databases deadlock Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "deadlock" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-deadlock-threshold-Override_'), field('tags._amba-deadlock-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-deadlock')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases deadlock", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "deadlock", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "deadlock", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-deadlock-threshold-Override_'), field('tags._amba-deadlock-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json b/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json new file mode 100644 index 000000000..0b30457ce --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d9075b5-3c19-4cf6-9c2e-50ba4c175691", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools dtu_consumption_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools dtu_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_consumption_percent-threshold-Override_'), field('tags._amba-dtu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools dtu_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_consumption_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "dtu_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_consumption_percent-threshold-Override_'), field('tags._amba-dtu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json b/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json new file mode 100644 index 000000000..a86128aba --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "50124594-a291-4183-a8e3-195f5e6f5204", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dtu_limit Alert", + "description": "Policy to Audit/Deploy Sql servers databases dtu_limit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_limit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_limit-threshold-Override_'), field('tags._amba-dtu_limit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_limit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dtu_limit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_limit", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dtu_limit", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_limit-threshold-Override_'), field('tags._amba-dtu_limit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json b/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json new file mode 100644 index 000000000..47ce684b4 --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d26f4c8b-0461-4c57-b230-cbd1a5424db1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dtu_used Alert", + "description": "Policy to Audit/Deploy Sql servers databases dtu_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_used-threshold-Override_'), field('tags._amba-dtu_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dtu_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_used", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dtu_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_used-threshold-Override_'), field('tags._amba-dtu_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json b/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json new file mode 100644 index 000000000..b4d3aa8d2 --- /dev/null +++ b/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "70f88865-7a8b-4e03-9252-a9369df503ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dwu_consumption_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases dwu_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dwu_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dwu_consumption_percent-threshold-Override_'), field('tags._amba-dwu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dwu_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dwu_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dwu_consumption_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dwu_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dwu_consumption_percent-threshold-Override_'), field('tags._amba-dwu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json b/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json new file mode 100644 index 000000000..460a752cc --- /dev/null +++ b/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16a64053-1905-4d8e-8198-810584cad108", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools eDTU_used Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools eDTU_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "eDTU_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-eDTU_used-threshold-Override_'), field('tags._amba-eDTU_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-eDTU_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools eDTU_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "eDTU_used", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "eDTU_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-eDTU_used-threshold-Override_'), field('tags._amba-eDTU_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json b/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json new file mode 100644 index 000000000..0ed9ca88c --- /dev/null +++ b/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47cd814e-1991-437e-8feb-e589a250d2a3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools log_write_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools log_write_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "log_write_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-log_write_percent-threshold-Override_'), field('tags._amba-log_write_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-log_write_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools log_write_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "log_write_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "log_write_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-log_write_percent-threshold-Override_'), field('tags._amba-log_write_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json b/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json new file mode 100644 index 000000000..3063bad8e --- /dev/null +++ b/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f5c13b49-8528-457d-9d7d-083b8433bf96", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases memory_usage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases memory_usage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_usage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_usage_percent-threshold-Override_'), field('tags._amba-memory_usage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_usage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases memory_usage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_usage_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "memory_usage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_usage_percent-threshold-Override_'), field('tags._amba-memory_usage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json b/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json new file mode 100644 index 000000000..1389398ef --- /dev/null +++ b/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "92efc2ea-b6ed-41aa-921c-6d40e7b58c27", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools physical_data_read_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools physical_data_read_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "physical_data_read_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-physical_data_read_percent-threshold-Override_'), field('tags._amba-physical_data_read_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-physical_data_read_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools physical_data_read_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "physical_data_read_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "physical_data_read_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-physical_data_read_percent-threshold-Override_'), field('tags._amba-physical_data_read_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json b/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json new file mode 100644 index 000000000..36c9c4921 --- /dev/null +++ b/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "07eeae07-010e-47ca-ad90-fa7adb5a6c52", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sessions_count Alert", + "description": "Policy to Audit/Deploy Sql servers databases sessions_count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sessions_count" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sessions_count-threshold-Override_'), field('tags._amba-sessions_count-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sessions_count')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sessions_count", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sessions_count", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sessions_count", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sessions_count-threshold-Override_'), field('tags._amba-sessions_count-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json b/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json new file mode 100644 index 000000000..c1cd4491a --- /dev/null +++ b/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sessions_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sessions_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sessions_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sessions_percent-threshold-Override_'), field('tags._amba-sessions_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sessions_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sessions_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sessions_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sessions_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sessions_percent-threshold-Override_'), field('tags._amba-sessions_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json b/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json new file mode 100644 index 000000000..445175bde --- /dev/null +++ b/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1a8132b9-fbd2-4ac5-9e08-96358e16b7f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sql_instance_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases sql_instance_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sql_instance_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sql_instance_cpu_percent-threshold-Override_'), field('tags._amba-sql_instance_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sql_instance_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sql_instance_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sql_instance_cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sql_instance_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sql_instance_cpu_percent-threshold-Override_'), field('tags._amba-sql_instance_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json b/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json new file mode 100644 index 000000000..0b4d08f43 --- /dev/null +++ b/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sql_instance_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases sql_instance_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sql_instance_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sql_instance_memory_percent-threshold-Override_'), field('tags._amba-sql_instance_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sql_instance_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sql_instance_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sql_instance_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sql_instance_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sql_instance_memory_percent-threshold-Override_'), field('tags._amba-sql_instance_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json b/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json new file mode 100644 index 000000000..476a72e6f --- /dev/null +++ b/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73ec4301-872a-4bea-928e-420255aae8cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sqlserver_process_core_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sqlserver_process_core_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sqlserver_process_core_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sqlserver_process_core_percent-threshold-Override_'), field('tags._amba-sqlserver_process_core_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sqlserver_process_core_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sqlserver_process_core_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sqlserver_process_core_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sqlserver_process_core_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sqlserver_process_core_percent-threshold-Override_'), field('tags._amba-sqlserver_process_core_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json b/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json new file mode 100644 index 000000000..f95b91caa --- /dev/null +++ b/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa056aaf-57c4-4abe-9bc5-23ba413a1f5b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sqlserver_process_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sqlserver_process_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sqlserver_process_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sqlserver_process_memory_percent-threshold-Override_'), field('tags._amba-sqlserver_process_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sqlserver_process_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sqlserver_process_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sqlserver_process_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sqlserver_process_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sqlserver_process_memory_percent-threshold-Override_'), field('tags._amba-sqlserver_process_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json b/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json new file mode 100644 index 000000000..b782ca4ce --- /dev/null +++ b/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "86922a27-41bb-4834-bc54-0b602b275597", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases storage Alert", + "description": "Policy to Audit/Deploy Sql servers databases storage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "934584883610" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage-threshold-Override_'), field('tags._amba-storage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases storage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "storage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage-threshold-Override_'), field('tags._amba-storage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json b/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json new file mode 100644 index 000000000..8da023875 --- /dev/null +++ b/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88f3cbc0-bcfb-482f-b6f4-709a335afcad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json b/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json new file mode 100644 index 000000000..b35edcd68 --- /dev/null +++ b/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases tempdb_data_size Alert", + "description": "Policy to Audit/Deploy Sql servers databases tempdb_data_size Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "tempdb_data_size" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-tempdb_data_size-threshold-Override_'), field('tags._amba-tempdb_data_size-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-tempdb_data_size')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases tempdb_data_size", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "tempdb_data_size", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "tempdb_data_size", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-tempdb_data_size-threshold-Override_'), field('tags._amba-tempdb_data_size-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json b/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json new file mode 100644 index 000000000..5661ef7a5 --- /dev/null +++ b/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af66de51-079c-4d34-af92-f52f887642dc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools tempdb_log_used_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools tempdb_log_used_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "tempdb_log_used_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-tempdb_log_used_percent-threshold-Override_'), field('tags._amba-tempdb_log_used_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-tempdb_log_used_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools tempdb_log_used_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "tempdb_log_used_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "tempdb_log_used_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-tempdb_log_used_percent-threshold-Override_'), field('tags._amba-tempdb_log_used_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json b/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json new file mode 100644 index 000000000..2f10653cf --- /dev/null +++ b/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1b37038e-6e5c-4463-97d4-8a632251d70e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools workers_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools workers_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "workers_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-workers_percent-threshold-Override_'), field('tags._amba-workers_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-workers_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools workers_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "workers_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "workers_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-workers_percent-threshold-Override_'), field('tags._amba-workers_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json b/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json new file mode 100644 index 000000000..7e8c2a3a7 --- /dev/null +++ b/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "db517009-30ad-4cbc-b282-7f212052c3b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools xtp_storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools xtp_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "xtp_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-xtp_storage_percent-threshold-Override_'), field('tags._amba-xtp_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-xtp_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools xtp_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "xtp_storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "xtp_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-xtp_storage_percent-threshold-Override_'), field('tags._amba-xtp_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json b/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json new file mode 100644 index 000000000..6a485ad80 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "45fef979-c27e-425a-a6c3-e5bd28b1eb86", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices Availability Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Availability", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json b/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json new file mode 100644 index 000000000..2eb8cca23 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1a4849b-78a8-437f-8113-7c6f2dc34927", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SA Availability Alert", + "description": "Policy to Audit/Deploy SA Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Availability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json b/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json new file mode 100644 index 000000000..b9770a7cc --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices BlobCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices BlobCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "107374182400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobCapacity-threshold-Override_'), field('tags._amba-BlobCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices BlobCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "BlobCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobCapacity-threshold-Override_'), field('tags._amba-BlobCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json b/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json new file mode 100644 index 000000000..933086260 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c4d93fac-a6b6-4731-a92a-c499b6fb2bcb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices BlobCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices BlobCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobCount-threshold-Override_'), field('tags._amba-BlobCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices BlobCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "BlobCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobCount-threshold-Override_'), field('tags._amba-BlobCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json b/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json new file mode 100644 index 000000000..d06c1c3fa --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb186756-b63b-408a-bbaf-ac94c1010287", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts Egress Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Egress" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Egress-threshold-Override_'), field('tags._amba-Egress-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Egress')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Egress", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Egress", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Egress", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Egress-threshold-Override_'), field('tags._amba-Egress-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json b/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json new file mode 100644 index 000000000..767460da4 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "26e09eae-c784-4e8f-a225-d3f13efff76f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "96636764160" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileCapacity-threshold-Override_'), field('tags._amba-FileCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileCapacity-threshold-Override_'), field('tags._amba-FileCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json b/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json new file mode 100644 index 000000000..9caedd8a9 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8660f357-83f9-4719-bdf3-bae57af2d967", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareCapacityQuota Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareCapacityQuota Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5222680231936" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareCapacityQuota" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareCapacityQuota-threshold-Override_'), field('tags._amba-FileShareCapacityQuota-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareCapacityQuota')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareCapacityQuota", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareCapacityQuota", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareCapacityQuota", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareCapacityQuota-threshold-Override_'), field('tags._amba-FileShareCapacityQuota-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json b/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json new file mode 100644 index 000000000..c28a9f87c --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareCount-threshold-Override_'), field('tags._amba-FileShareCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareCount-threshold-Override_'), field('tags._amba-FileShareCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json b/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json new file mode 100644 index 000000000..c84e48f68 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8cbe449d-9264-4ae1-8221-5d97989005a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareSnapshotCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareSnapshotCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "190" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareSnapshotCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareSnapshotCount-threshold-Override_'), field('tags._amba-FileShareSnapshotCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareSnapshotCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareSnapshotCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareSnapshotCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareSnapshotCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareSnapshotCount-threshold-Override_'), field('tags._amba-FileShareSnapshotCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json b/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json new file mode 100644 index 000000000..075e621b7 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d872cb4-7f71-4275-81eb-98c968c0cadd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts Ingress Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1073741824" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Ingress" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Ingress-threshold-Override_'), field('tags._amba-Ingress-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Ingress')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Ingress", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Ingress", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Ingress", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Ingress-threshold-Override_'), field('tags._amba-Ingress-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json b/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json new file mode 100644 index 000000000..922093e30 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7815fc6f-bfb1-4474-9ea6-05e1449a2ed5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "31457280" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueCapacity-threshold-Override_'), field('tags._amba-QueueCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueCapacity-threshold-Override_'), field('tags._amba-QueueCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json b/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json new file mode 100644 index 000000000..5a3a7b077 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f75dec98-78a3-4e42-954d-375fe3352857", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueCount-threshold-Override_'), field('tags._amba-QueueCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueCount-threshold-Override_'), field('tags._amba-QueueCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json b/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json new file mode 100644 index 000000000..3bc7e4ce5 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "34769aaa-5014-4ced-bb08-9fabfba3d959", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueMessageCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueMessageCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueMessageCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueMessageCount-threshold-Override_'), field('tags._amba-QueueMessageCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueMessageCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueMessageCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueMessageCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueMessageCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueMessageCount-threshold-Override_'), field('tags._amba-QueueMessageCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json b/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json new file mode 100644 index 000000000..fd0f7964f --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0acc30dc-881d-46c9-b634-8cba507a263f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices SuccessE2ELatency Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices SuccessE2ELatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessE2ELatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessE2ELatency-threshold-Override_'), field('tags._amba-SuccessE2ELatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessE2ELatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices SuccessE2ELatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessE2ELatency", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "SuccessE2ELatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessE2ELatency-threshold-Override_'), field('tags._amba-SuccessE2ELatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json b/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json new file mode 100644 index 000000000..a932ca197 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0a3689c7-b610-4c52-ae84-ab0640f3d6e4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices SuccessServerLatency Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices SuccessServerLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessServerLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessServerLatency-threshold-Override_'), field('tags._amba-SuccessServerLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessServerLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices SuccessServerLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessServerLatency", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "SuccessServerLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessServerLatency-threshold-Override_'), field('tags._amba-SuccessServerLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json b/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json new file mode 100644 index 000000000..c8e10661c --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5e544473-d84f-427d-869d-9d982619e4cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SA Throttling Alert", + "description": "Policy to Audit/Deploy SA Throttling Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Transactions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Transactions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Transactions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Transactions", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Transactions", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json b/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json new file mode 100644 index 000000000..f0d6c4799 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c81d3e6c-5539-42ad-a95f-9bba504d91f0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices Transactions Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices Transactions Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Transactions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Transactions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Transactions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Transactions", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Transactions", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json b/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json new file mode 100644 index 000000000..e113546cc --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b663a689-6db8-467d-8b5d-8cd34afe4b0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts UsedCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts UsedCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2251800000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsedCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsedCapacity-threshold-Override_'), field('tags._amba-UsedCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsedCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts UsedCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsedCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "UsedCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsedCapacity-threshold-Override_'), field('tags._amba-UsedCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json b/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json new file mode 100644 index 000000000..63652816a --- /dev/null +++ b/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff3df303-c3b0-449c-840d-68084707773e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache amlFilesystems ClientIOPS Alert", + "description": "Policy to Audit/Deploy StorageCache amlFilesystems ClientIOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientIOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/amlFilesystems/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientIOPS-threshold-Override_'), field('tags._amba-ClientIOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientIOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache amlFilesystems ClientIOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientIOPS", + "metricNamespace": "Microsoft.StorageCache/amlFilesystems", + "metricName": "ClientIOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientIOPS-threshold-Override_'), field('tags._amba-ClientIOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json b/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json new file mode 100644 index 000000000..a7a7bc583 --- /dev/null +++ b/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "31dead21-5454-41f0-9aab-faeabef89d67", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache amlFilesystems ClientLatency Alert", + "description": "Policy to Audit/Deploy StorageCache amlFilesystems ClientLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/amlFilesystems/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientLatency-threshold-Override_'), field('tags._amba-ClientLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache amlFilesystems ClientLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientLatency", + "metricNamespace": "Microsoft.StorageCache/amlFilesystems", + "metricName": "ClientLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientLatency-threshold-Override_'), field('tags._amba-ClientLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json b/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json new file mode 100644 index 000000000..c9d655f8f --- /dev/null +++ b/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7f951991-c6ce-4c72-9f55-7eade2c4f57c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache caches Uptime Alert", + "description": "Policy to Audit/Deploy StorageCache caches Uptime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/caches" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/caches" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Uptime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/caches/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Uptime-threshold-Override_'), field('tags._amba-Uptime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Uptime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache caches Uptime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Uptime", + "metricNamespace": "Microsoft.StorageCache/caches", + "metricName": "Uptime", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Uptime-threshold-Override_'), field('tags._amba-Uptime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json b/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json new file mode 100644 index 000000000..422ee8944 --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea68cbf2-b8a6-4f47-afda-94cab9ce4622", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices ServerSyncSessionResult Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices ServerSyncSessionResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSyncSessionResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSyncSessionResult-threshold-Override_'), field('tags._amba-ServerSyncSessionResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSyncSessionResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices ServerSyncSessionResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSyncSessionResult", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "ServerSyncSessionResult", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSyncSessionResult-threshold-Override_'), field('tags._amba-ServerSyncSessionResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json new file mode 100644 index 000000000..8ecc82610 --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb627157-b9c8-4e8f-a00e-f9eb7df45c78", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices StorageSyncServerHeartbeat Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices StorageSyncServerHeartbeat Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageSyncServerHeartbeat" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageSyncServerHeartbeat-threshold-Override_'), field('tags._amba-StorageSyncServerHeartbeat-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageSyncServerHeartbeat')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices StorageSyncServerHeartbeat", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageSyncServerHeartbeat", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "StorageSyncServerHeartbeat", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageSyncServerHeartbeat-threshold-Override_'), field('tags._amba-StorageSyncServerHeartbeat-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json new file mode 100644 index 000000000..0fe1be4ef --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0020bd6d-cd35-491e-9c71-f66bd64ed9a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageSyncSyncSessionPerItemErrorsCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), field('tags._amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageSyncSyncSessionPerItemErrorsCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageSyncSyncSessionPerItemErrorsCount", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "StorageSyncSyncSessionPerItemErrorsCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), field('tags._amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json b/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json new file mode 100644 index 000000000..af956e5e4 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0fa5804-9d5f-4e23-91c0-996c561585ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs AMLCalloutFailedRequests Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs AMLCalloutFailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AMLCalloutFailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AMLCalloutFailedRequests-threshold-Override_'), field('tags._amba-AMLCalloutFailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AMLCalloutFailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs AMLCalloutFailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AMLCalloutFailedRequests", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "AMLCalloutFailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AMLCalloutFailedRequests-threshold-Override_'), field('tags._amba-AMLCalloutFailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json b/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json new file mode 100644 index 000000000..3e1662e8d --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7d30aeb3-31e5-4742-aa7e-825c2a6af42a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ConversionErrors Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ConversionErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConversionErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConversionErrors-threshold-Override_'), field('tags._amba-ConversionErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConversionErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ConversionErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConversionErrors", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ConversionErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConversionErrors-threshold-Override_'), field('tags._amba-ConversionErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json b/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json new file mode 100644 index 000000000..8e5d1d87b --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "381221db-fd9a-4d65-a16f-63e7492b0a49", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs DeserializationError Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs DeserializationError Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeserializationError" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeserializationError-threshold-Override_'), field('tags._amba-DeserializationError-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeserializationError')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs DeserializationError", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeserializationError", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "DeserializationError", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeserializationError-threshold-Override_'), field('tags._amba-DeserializationError-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json b/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json new file mode 100644 index 000000000..28cec33ed --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs Errors Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs Errors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Errors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Errors-threshold-Override_'), field('tags._amba-Errors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Errors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs Errors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Errors", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "Errors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Errors-threshold-Override_'), field('tags._amba-Errors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json b/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json new file mode 100644 index 000000000..9741b6f8f --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b46ef7a9-6597-4c4f-a5ca-9ca653e1b716", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs InputEventsSourcesBacklogged Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs InputEventsSourcesBacklogged Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "InputEventsSourcesBacklogged" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-InputEventsSourcesBacklogged-threshold-Override_'), field('tags._amba-InputEventsSourcesBacklogged-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-InputEventsSourcesBacklogged')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs InputEventsSourcesBacklogged", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "InputEventsSourcesBacklogged", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "InputEventsSourcesBacklogged", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-InputEventsSourcesBacklogged-threshold-Override_'), field('tags._amba-InputEventsSourcesBacklogged-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json b/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json new file mode 100644 index 000000000..0eb9fe14b --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1dc8c746-4caf-4355-9d82-bdeaa1cf95bf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs InputEvents Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs InputEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "InputEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-InputEvents-threshold-Override_'), field('tags._amba-InputEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-InputEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs InputEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "InputEvents", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "InputEvents", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-InputEvents-threshold-Override_'), field('tags._amba-InputEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json b/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json new file mode 100644 index 000000000..2c60a9735 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0dbcbee-eefd-4ee4-bd25-48d42444c882", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs OutputEvents Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs OutputEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutputEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutputEvents-threshold-Override_'), field('tags._amba-OutputEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutputEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs OutputEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutputEvents", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "OutputEvents", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutputEvents-threshold-Override_'), field('tags._amba-OutputEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json b/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json new file mode 100644 index 000000000..45e9a32b4 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "289283c0-87ae-475f-b756-306783c7ec4d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs OutputWatermarkDelaySeconds Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs OutputWatermarkDelaySeconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutputWatermarkDelaySeconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutputWatermarkDelaySeconds-threshold-Override_'), field('tags._amba-OutputWatermarkDelaySeconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutputWatermarkDelaySeconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs OutputWatermarkDelaySeconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutputWatermarkDelaySeconds", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "OutputWatermarkDelaySeconds", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutputWatermarkDelaySeconds-threshold-Override_'), field('tags._amba-OutputWatermarkDelaySeconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json b/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json new file mode 100644 index 000000000..28e32a751 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea14eb56-238e-42b2-95ae-4d624d720d10", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ProcessCPUUsagePercentage Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ProcessCPUUsagePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProcessCPUUsagePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProcessCPUUsagePercentage-threshold-Override_'), field('tags._amba-ProcessCPUUsagePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProcessCPUUsagePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ProcessCPUUsagePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProcessCPUUsagePercentage", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ProcessCPUUsagePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProcessCPUUsagePercentage-threshold-Override_'), field('tags._amba-ProcessCPUUsagePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json b/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json new file mode 100644 index 000000000..35bb2cae2 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f2ead64-7412-4695-9855-47f36ade6f7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ResourceUtilization Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ResourceUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResourceUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResourceUtilization-threshold-Override_'), field('tags._amba-ResourceUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResourceUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ResourceUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResourceUtilization", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ResourceUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResourceUtilization-threshold-Override_'), field('tags._amba-ResourceUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json new file mode 100644 index 000000000..92737aa39 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8e2a7c77-890c-49d5-aadd-052764135995", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces BuiltinSqlPoolDataProcessedBytes Alert", + "description": "Policy to Audit/Deploy Synapse workspaces BuiltinSqlPoolDataProcessedBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "386547056640" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BuiltinSqlPoolDataProcessedBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), field('tags._amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BuiltinSqlPoolDataProcessedBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces BuiltinSqlPoolDataProcessedBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BuiltinSqlPoolDataProcessedBytes", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "BuiltinSqlPoolDataProcessedBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), field('tags._amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json new file mode 100644 index 000000000..12a845ed2 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6cf01e09-24d5-4097-bac1-1d39b0f577c8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces BuiltinSqlPoolLoginAttempts Alert", + "description": "Policy to Audit/Deploy Synapse workspaces BuiltinSqlPoolLoginAttempts Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "360" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BuiltinSqlPoolLoginAttempts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), field('tags._amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BuiltinSqlPoolLoginAttempts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces BuiltinSqlPoolLoginAttempts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BuiltinSqlPoolLoginAttempts", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "BuiltinSqlPoolLoginAttempts", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), field('tags._amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json b/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json new file mode 100644 index 000000000..a9bf3dd6d --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d8d1bc29-bfdb-48a5-89bd-7e34522d8085", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools CPUPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools CPUPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPUPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPUPercent-threshold-Override_'), field('tags._amba-CPUPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPUPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools CPUPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPUPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "CPUPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPUPercent-threshold-Override_'), field('tags._amba-CPUPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json b/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json new file mode 100644 index 000000000..1e201b881 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "64f41eaa-048f-4892-b80f-593e74ef4f84", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools DWUUsedPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools DWUUsedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DWUUsedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DWUUsedPercent-threshold-Override_'), field('tags._amba-DWUUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DWUUsedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools DWUUsedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DWUUsedPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "DWUUsedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DWUUsedPercent-threshold-Override_'), field('tags._amba-DWUUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json b/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json new file mode 100644 index 000000000..d175f1086 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "21280a1a-d4e5-4ec3-83f5-f8d22ae0340a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationActivityRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationActivityRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationActivityRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationActivityRunsEnded-threshold-Override_'), field('tags._amba-IntegrationActivityRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationActivityRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationActivityRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationActivityRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationActivityRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationActivityRunsEnded-threshold-Override_'), field('tags._amba-IntegrationActivityRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json b/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json new file mode 100644 index 000000000..53c8cbd38 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16072e08-8ffb-48c9-afa9-fe2192b4513b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationPipelineRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationPipelineRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationPipelineRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationPipelineRunsEnded-threshold-Override_'), field('tags._amba-IntegrationPipelineRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationPipelineRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationPipelineRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationPipelineRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationPipelineRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationPipelineRunsEnded-threshold-Override_'), field('tags._amba-IntegrationPipelineRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json b/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json new file mode 100644 index 000000000..e269da12b --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "583c6484-b7a3-4908-b4d4-9a8b08d1edf9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationTriggerRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationTriggerRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationTriggerRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationTriggerRunsEnded-threshold-Override_'), field('tags._amba-IntegrationTriggerRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationTriggerRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationTriggerRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationTriggerRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationTriggerRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationTriggerRunsEnded-threshold-Override_'), field('tags._amba-IntegrationTriggerRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json b/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json new file mode 100644 index 000000000..5dc717057 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c4d35e8-fdd7-4951-8a71-7b9add69d337", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools MemoryUsedPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools MemoryUsedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryUsedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryUsedPercent-threshold-Override_'), field('tags._amba-MemoryUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryUsedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools MemoryUsedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryUsedPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "MemoryUsedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryUsedPercent-threshold-Override_'), field('tags._amba-MemoryUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json b/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json new file mode 100644 index 000000000..010feadcb --- /dev/null +++ b/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web hostingEnvironments multiRolePools CpuPercentage Alert", + "description": "Policy to Audit/Deploy Web hostingEnvironments multiRolePools CpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/hostingEnvironments/multiRolePools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web hostingEnvironments multiRolePools CpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuPercentage", + "metricNamespace": "Microsoft.Web/hostingEnvironments/multiRolePools", + "metricName": "CpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json b/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json new file mode 100644 index 000000000..f97d3a9eb --- /dev/null +++ b/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c7ad761f-19bf-4289-ab47-2721c6d387eb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web hostingEnvironments multiRolePools HttpQueueLength Alert", + "description": "Policy to Audit/Deploy Web hostingEnvironments multiRolePools HttpQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/hostingEnvironments/multiRolePools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web hostingEnvironments multiRolePools HttpQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpQueueLength", + "metricNamespace": "Microsoft.Web/hostingEnvironments/multiRolePools", + "metricName": "HttpQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json b/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json new file mode 100644 index 000000000..26239b4aa --- /dev/null +++ b/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7bdc68c3-7679-482d-82e4-92a8229db9d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms BytesReceived Alert", + "description": "Policy to Audit/Deploy Web serverFarms BytesReceived Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesReceived" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesReceived')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms BytesReceived", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesReceived", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "BytesReceived", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json b/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json new file mode 100644 index 000000000..3b450a896 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "520cc4d4-2caa-42df-b8b7-86dbc4786ce6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms BytesSent Alert", + "description": "Policy to Audit/Deploy Web serverFarms BytesSent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesSent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesSent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms BytesSent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesSent", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "BytesSent", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json b/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json new file mode 100644 index 000000000..43131cc01 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8748b7d6-ef2a-4548-bf8e-dc6eecd2a651", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms CpuPercentage Alert", + "description": "Policy to Audit/Deploy Web serverFarms CpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms CpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuPercentage", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "CpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json b/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json new file mode 100644 index 000000000..b9e7cae0a --- /dev/null +++ b/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14dbacac-2559-4537-9be9-7d08bdd0888d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms DiskQueueLength Alert", + "description": "Policy to Audit/Deploy Web serverFarms DiskQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DiskQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DiskQueueLength-threshold-Override_'), field('tags._amba-DiskQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DiskQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms DiskQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DiskQueueLength", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "DiskQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DiskQueueLength-threshold-Override_'), field('tags._amba-DiskQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json b/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json new file mode 100644 index 000000000..545273064 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e85efb6a-239a-41e0-8cdd-b1792c41ec41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms HttpQueueLength Alert", + "description": "Policy to Audit/Deploy Web serverFarms HttpQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms HttpQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpQueueLength", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "HttpQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json b/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json new file mode 100644 index 000000000..ec2770bb3 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b87ecc60-7558-4cb4-8ef9-3185c4c19579", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms MemoryPercentage Alert", + "description": "Policy to Audit/Deploy Web serverFarms MemoryPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms MemoryPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryPercentage", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "MemoryPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json b/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json new file mode 100644 index 000000000..5f8ca5367 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "96257455-b2cf-4f35-9c64-00eea637471a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms SocketOutboundAll Alert", + "description": "Policy to Audit/Deploy Web serverFarms SocketOutboundAll Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SocketOutboundAll" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SocketOutboundAll-threshold-Override_'), field('tags._amba-SocketOutboundAll-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SocketOutboundAll')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms SocketOutboundAll", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SocketOutboundAll", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "SocketOutboundAll", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SocketOutboundAll-threshold-Override_'), field('tags._amba-SocketOutboundAll-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json b/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json new file mode 100644 index 000000000..6d5f6b36f --- /dev/null +++ b/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f03350e9-f936-4ac0-a64f-2d2df1fc9f75", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms TcpEstablished Alert", + "description": "Policy to Audit/Deploy Web serverFarms TcpEstablished Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TcpEstablished" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TcpEstablished-threshold-Override_'), field('tags._amba-TcpEstablished-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TcpEstablished')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms TcpEstablished", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TcpEstablished", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "TcpEstablished", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TcpEstablished-threshold-Override_'), field('tags._amba-TcpEstablished-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json b/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json new file mode 100644 index 000000000..dbf356b1a --- /dev/null +++ b/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2a129b1b-36a7-4048-9403-004dc5e6b0b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms TcpTimeWait Alert", + "description": "Policy to Audit/Deploy Web serverFarms TcpTimeWait Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TcpTimeWait" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TcpTimeWait-threshold-Override_'), field('tags._amba-TcpTimeWait-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TcpTimeWait')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms TcpTimeWait", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TcpTimeWait", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "TcpTimeWait", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TcpTimeWait-threshold-Override_'), field('tags._amba-TcpTimeWait-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json b/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json new file mode 100644 index 000000000..3b3bd0143 --- /dev/null +++ b/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a74bd8f3-cab7-46e6-ac1e-7527d2385bee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites AppConnections Alert", + "description": "Policy to Audit/Deploy Web sites AppConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AppConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AppConnections-threshold-Override_'), field('tags._amba-AppConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AppConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites AppConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AppConnections", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "AppConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AppConnections-threshold-Override_'), field('tags._amba-AppConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json b/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json new file mode 100644 index 000000000..5067f25ca --- /dev/null +++ b/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e6f23a76-11f3-471e-b7d7-ebc787487069", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots AverageMemoryWorkingSet Alert", + "description": "Policy to Audit/Deploy Web sites slots AverageMemoryWorkingSet Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageMemoryWorkingSet" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageMemoryWorkingSet-threshold-Override_'), field('tags._amba-AverageMemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageMemoryWorkingSet')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots AverageMemoryWorkingSet", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageMemoryWorkingSet", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "AverageMemoryWorkingSet", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageMemoryWorkingSet-threshold-Override_'), field('tags._amba-AverageMemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json b/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json new file mode 100644 index 000000000..4f00d8286 --- /dev/null +++ b/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b16f8234-e6c6-4723-933e-e5f8c179f23d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites AverageResponseTime Alert", + "description": "Policy to Audit/Deploy Web sites AverageResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageResponseTime-threshold-Override_'), field('tags._amba-AverageResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites AverageResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageResponseTime", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "AverageResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageResponseTime-threshold-Override_'), field('tags._amba-AverageResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json b/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json new file mode 100644 index 000000000..37425c906 --- /dev/null +++ b/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9177e32-e3fa-425a-a02e-727ff3515ae0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites BytesReceived Alert", + "description": "Policy to Audit/Deploy Web sites BytesReceived Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2048000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesReceived" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesReceived')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites BytesReceived", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesReceived", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "BytesReceived", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json b/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json new file mode 100644 index 000000000..5b11a5c85 --- /dev/null +++ b/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49f62a85-7edf-4afc-9201-7a8939d6a42a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites BytesSent Alert", + "description": "Policy to Audit/Deploy Web sites BytesSent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesSent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesSent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites BytesSent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesSent", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "BytesSent", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json b/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json new file mode 100644 index 000000000..33b636511 --- /dev/null +++ b/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "48fcc15e-f043-4bb5-a628-6aefc60432c1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites CpuTime Alert", + "description": "Policy to Audit/Deploy Web sites CpuTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuTime-threshold-Override_'), field('tags._amba-CpuTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites CpuTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuTime", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "CpuTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuTime-threshold-Override_'), field('tags._amba-CpuTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json b/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json new file mode 100644 index 000000000..9404444c7 --- /dev/null +++ b/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b63593ad-6c47-49e3-9b4a-e8b19f0cc7db", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites CurrentAssemblies Alert", + "description": "Policy to Audit/Deploy Web sites CurrentAssemblies Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CurrentAssemblies" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CurrentAssemblies-threshold-Override_'), field('tags._amba-CurrentAssemblies-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CurrentAssemblies')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites CurrentAssemblies", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CurrentAssemblies", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "CurrentAssemblies", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CurrentAssemblies-threshold-Override_'), field('tags._amba-CurrentAssemblies-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json b/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json new file mode 100644 index 000000000..d6bfa9e38 --- /dev/null +++ b/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0c0fca3-1832-4a18-8832-5eebd2c1370a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FileSystemUsage Alert", + "description": "Policy to Audit/Deploy Web sites FileSystemUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileSystemUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileSystemUsage-threshold-Override_'), field('tags._amba-FileSystemUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileSystemUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FileSystemUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileSystemUsage", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FileSystemUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileSystemUsage-threshold-Override_'), field('tags._amba-FileSystemUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json b/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json new file mode 100644 index 000000000..785177af8 --- /dev/null +++ b/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1e71d59c-b29f-4b43-9f49-7aa0da50c88c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FunctionExecutionCount Alert", + "description": "Policy to Audit/Deploy Web sites FunctionExecutionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FunctionExecutionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FunctionExecutionCount-threshold-Override_'), field('tags._amba-FunctionExecutionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FunctionExecutionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FunctionExecutionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FunctionExecutionCount", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FunctionExecutionCount", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FunctionExecutionCount-threshold-Override_'), field('tags._amba-FunctionExecutionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json b/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json new file mode 100644 index 000000000..b8b1bd9c3 --- /dev/null +++ b/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "12241b03-3f62-4100-9cf3-7798a7796600", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FunctionExecutionUnits Alert", + "description": "Policy to Audit/Deploy Web sites FunctionExecutionUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "13000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FunctionExecutionUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FunctionExecutionUnits-threshold-Override_'), field('tags._amba-FunctionExecutionUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FunctionExecutionUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FunctionExecutionUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FunctionExecutionUnits", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FunctionExecutionUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FunctionExecutionUnits-threshold-Override_'), field('tags._amba-FunctionExecutionUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json b/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json new file mode 100644 index 000000000..809d76332 --- /dev/null +++ b/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dc560ab2-18ad-49ae-9937-9b9a770faaab", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Handles Alert", + "description": "Policy to Audit/Deploy Web sites Handles Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Handles" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Handles')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Handles", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Handles", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Handles", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json b/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json new file mode 100644 index 000000000..a5def10b6 --- /dev/null +++ b/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff5238a3-e40f-47c7-a142-f7a19b7764f9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots HealthCheckStatus Alert", + "description": "Policy to Audit/Deploy Web sites slots HealthCheckStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HealthCheckStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HealthCheckStatus-threshold-Override_'), field('tags._amba-HealthCheckStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HealthCheckStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots HealthCheckStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HealthCheckStatus", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "HealthCheckStatus", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HealthCheckStatus-threshold-Override_'), field('tags._amba-HealthCheckStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json b/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json new file mode 100644 index 000000000..d1469a3e0 --- /dev/null +++ b/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b4e2bc80-9307-44d8-89f1-04c7133f37fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots HttpResponseTime Alert", + "description": "Policy to Audit/Deploy Web sites slots HttpResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpResponseTime-threshold-Override_'), field('tags._amba-HttpResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots HttpResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpResponseTime", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "HttpResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpResponseTime-threshold-Override_'), field('tags._amba-HttpResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json b/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json new file mode 100644 index 000000000..a336bf49d --- /dev/null +++ b/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "02ef5600-fed6-474a-8fbb-5ed088b04d0d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http406 Alert", + "description": "Policy to Audit/Deploy Web sites Http406 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http406" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http406-threshold-Override_'), field('tags._amba-Http406-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http406')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http406", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http406", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http406", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http406-threshold-Override_'), field('tags._amba-Http406-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json b/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json new file mode 100644 index 000000000..d27fca7b9 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "265b54e0-33a0-44b3-9f7b-ce53328439e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http404 Alert", + "description": "Policy to Audit/Deploy Web sites slots Http404 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http404" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http404-threshold-Override_'), field('tags._amba-Http404-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http404')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http404", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http404", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http404", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http404-threshold-Override_'), field('tags._amba-Http404-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json b/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json new file mode 100644 index 000000000..b7700ab05 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "67ca6d43-ab88-4fb8-9c18-2862765681e6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http403 Alert", + "description": "Policy to Audit/Deploy Web sites slots Http403 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http403" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http403-threshold-Override_'), field('tags._amba-Http403-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http403')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http403", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http403", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http403", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http403-threshold-Override_'), field('tags._amba-Http403-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json b/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json new file mode 100644 index 000000000..205a09244 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a8024ffc-b3b7-48eb-8f24-ae7da834cde2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http401 Alert", + "description": "Policy to Audit/Deploy Web sites Http401 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http401" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http401-threshold-Override_'), field('tags._amba-Http401-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http401')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http401", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http401", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http401", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http401-threshold-Override_'), field('tags._amba-Http401-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json b/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json new file mode 100644 index 000000000..8321a7a65 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0853a13e-b316-4ea0-98a2-9d722a508d1e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http3xx Alert", + "description": "Policy to Audit/Deploy Web sites Http3xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http3xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http3xx-threshold-Override_'), field('tags._amba-Http3xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http3xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http3xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http3xx", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http3xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http3xx-threshold-Override_'), field('tags._amba-Http3xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json b/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json new file mode 100644 index 000000000..ede57542e --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0bdd95e0-1d48-40e5-85c7-cd8008b966b0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http4xx Alert", + "description": "Policy to Audit/Deploy Web sites slots Http4xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http4xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http4xx-threshold-Override_'), field('tags._amba-Http4xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http4xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http4xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http4xx", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http4xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http4xx-threshold-Override_'), field('tags._amba-Http4xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json b/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json new file mode 100644 index 000000000..cb77861f3 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e4fa68d2-55cd-4371-9574-95ae5c34d4ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http2xx Alert", + "description": "Policy to Audit/Deploy Web sites Http2xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http2xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http2xx-threshold-Override_'), field('tags._amba-Http2xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http2xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http2xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http2xx", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http2xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http2xx-threshold-Override_'), field('tags._amba-Http2xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json b/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json new file mode 100644 index 000000000..d29bce6d6 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http5xx Alert", + "description": "Policy to Audit/Deploy Web sites slots Http5xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http5xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http5xx-threshold-Override_'), field('tags._amba-Http5xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http5xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http5xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http5xx", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http5xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http5xx-threshold-Override_'), field('tags._amba-Http5xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json b/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json new file mode 100644 index 000000000..241e350bb --- /dev/null +++ b/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "93768520-ab75-4e4e-b39b-a210a32379c0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites MemoryWorkingSet Alert", + "description": "Policy to Audit/Deploy Web sites MemoryWorkingSet Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryWorkingSet" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryWorkingSet-threshold-Override_'), field('tags._amba-MemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryWorkingSet')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites MemoryWorkingSet", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryWorkingSet", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "MemoryWorkingSet", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryWorkingSet-threshold-Override_'), field('tags._amba-MemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json b/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json new file mode 100644 index 000000000..8ab0a9d16 --- /dev/null +++ b/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3acdc4ab-514c-42c3-82e1-cb41fa338c2f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites PrivateBytes Alert", + "description": "Policy to Audit/Deploy Web sites PrivateBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1200000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PrivateBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PrivateBytes-threshold-Override_'), field('tags._amba-PrivateBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PrivateBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites PrivateBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PrivateBytes", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "PrivateBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PrivateBytes-threshold-Override_'), field('tags._amba-PrivateBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json b/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json new file mode 100644 index 000000000..4845dae80 --- /dev/null +++ b/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e62242b-6d20-44b5-86f9-f9a0de8ffe3f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites RequestsInApplicationQueue Alert", + "description": "Policy to Audit/Deploy Web sites RequestsInApplicationQueue Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestsInApplicationQueue" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestsInApplicationQueue-threshold-Override_'), field('tags._amba-RequestsInApplicationQueue-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestsInApplicationQueue')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites RequestsInApplicationQueue", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestsInApplicationQueue", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "RequestsInApplicationQueue", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestsInApplicationQueue-threshold-Override_'), field('tags._amba-RequestsInApplicationQueue-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json b/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json new file mode 100644 index 000000000..77d956a8a --- /dev/null +++ b/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa87c863-2d21-4b9d-897f-452fd35b06c3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Requests Alert", + "description": "Policy to Audit/Deploy Web sites Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Requests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Requests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Requests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Requests", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Requests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json b/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json new file mode 100644 index 000000000..adaac2296 --- /dev/null +++ b/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9e412261-433b-45fd-8944-2f891bf14a56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Threads Alert", + "description": "Policy to Audit/Deploy Web sites Threads Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Threads" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Threads-threshold-Override_'), field('tags._amba-Threads-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Threads')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Threads", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Threads", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Threads", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Threads-threshold-Override_'), field('tags._amba-Threads-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json b/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json new file mode 100644 index 000000000..7cecf46df --- /dev/null +++ b/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "89ec4b6f-d1b2-4402-8a1d-48440624fc31", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites WorkflowRunsFailureRate Alert", + "description": "Policy to Audit/Deploy Web sites WorkflowRunsFailureRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkflowRunsFailureRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkflowRunsFailureRate-threshold-Override_'), field('tags._amba-WorkflowRunsFailureRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkflowRunsFailureRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites WorkflowRunsFailureRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkflowRunsFailureRate", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "WorkflowRunsFailureRate", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkflowRunsFailureRate-threshold-Override_'), field('tags._amba-WorkflowRunsFailureRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json b/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json new file mode 100644 index 000000000..722183d89 --- /dev/null +++ b/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8a492278-c49f-4e4c-8fd5-a1680590864a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites WorkflowTriggersFailureRate Alert", + "description": "Policy to Audit/Deploy Web sites WorkflowTriggersFailureRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkflowTriggersFailureRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkflowTriggersFailureRate-threshold-Override_'), field('tags._amba-WorkflowTriggersFailureRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkflowTriggersFailureRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites WorkflowTriggersFailureRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkflowTriggersFailureRate", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "WorkflowTriggersFailureRate", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkflowTriggersFailureRate-threshold-Override_'), field('tags._amba-WorkflowTriggersFailureRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/generate-policies.ps1 b/tooling/generate-templates/generate-policies.ps1 new file mode 100644 index 000000000..e70bc4b72 --- /dev/null +++ b/tooling/generate-templates/generate-policies.ps1 @@ -0,0 +1,115 @@ +<# + .SYNOPSIS + This script generates policy templates based on YAML files containing alert configurations. + + .DESCRIPTION + The script processes each YAML file in the specified directory and generates policy templates based on the alert configurations defined in the YAML files. It creates policy templates in the specified output directory. + + .PARAMETER None + This script does not take any parameters. + + .NOTES + Requires yq to be installed. yq is a lightweight and portable command-line YAML processor. It can be downloaded from https://github.com/mikefarah/yq + + .EXAMPLE + .\generate-policies.ps1 + + .LINK + https://github.com/Azure/azure-monitor-baseline-alerts +#> + +begin { + # Get all yaml files in services directory + $alertsYaml = Get-ChildItem -Path ../../services/*.yaml -Recurse | Select-Object FullName +} +process { + # Process each yaml file in parallel + $alertsYaml | ForEach-Object -Parallel { + Write-Output "Processing $($_.FullName)" + # Convert yaml to json + $alertJson = yq e -o=json $_.FullName + $alertJsonObject = $alertJson | ConvertFrom-Json + + # Process each alert in the yaml file + foreach ($alert in $alertJsonObject) { + $policyPathName = $_.FullName -replace "alerts.yaml", "" + $policyFileName = "$($alert.properties.metricName)" -replace "[^a-zA-Z_]", "" + $policyDirectory = "$($policyPathName)templates\policy" + # Check if the alert has a deployment template and has a deployment tag of "alz" + if ((Test-Path -Path "$($policyPathName)$($alert.deployments.template)") -and $alert.deployments.tags -eq "alz") { + if (-not (Test-Path -Path $policyDirectory)) { + New-Item -ItemType Directory -Path $policyDirectory -Force + } + if ($policyFileName -eq "") { + $policyFileName = $alert.name -replace "[^a-zA-Z_]", "" + } + # Copy the deployment template to the policy directory + Copy-Item -Path "$($policyPathName)$($alert.deployments.template)" -Destination "$($policyPathName)templates\policy\$($policyFileName)_$($alert.guid).json" + } + # Generate policy template based on the alert configuration + If ($alert.type -eq "Metric") { + if ($alert.type -eq "Metric" -and $alert.properties.criterionType -eq "StaticThresholdCriterion") { + $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\metric-static.json" + } + if ($alert.type -eq "Metric" -and $alert.properties.criterionType -eq "DynamicThresholdCriterion") { + $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\metric-dynamic.json" + } + # TODO: Add support for Log alerts, need to fix query format and dimensions + #if ($alert.type -eq "Log") { + # $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\log.json" + #} + # TODO: Add support for Activity Log alerts, dependecy on resource type + #if ($alert.type -eq "ActivityLog" -and $alert.properties.category -eq "Administrative") { + # $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\activity-administrative.json" + #} + $alertTemplate = $alertTemplate -replace "##POLICY_NAME##", $alert.guid + if ($alert.deployments.name -ne $null) { + $alertTemplate = $alertTemplate -replace "##POLICY_DISPLAY_NAME##", $alert.deployments.name + $alertTemplate = $alertTemplate -replace "##POLICY_DESCRIPTION##", "Policy to Audit/$($alert.deployments.name)" + } + if ($alert.deployments.name -eq $null) { + $serviceName = $alert.properties.metricNamespace -replace "Microsoft.", "" + $serviceName = $serviceName -replace "[/]", " " + $alertTemplate = $alertTemplate -replace "##POLICY_DISPLAY_NAME##", "Deploy $($serviceName) $($alert.properties.metricName) Alert" + $alertTemplate = $alertTemplate -replace "##POLICY_DESCRIPTION##", "Policy to Audit/Deploy $($serviceName) $($alert.properties.metricName) Alert" + } + $category = $alert.properties.metricNamespace -replace "Microsoft.", "" + $category = $category -replace "/.+", "" + $alertTemplate = $alertTemplate -replace "##POLICY_CATEGORY##", $category + $serviceName = $alert.properties.metricNamespace -replace "Microsoft.", "" + $serviceName = $serviceName -replace "[/]", " " + $alertTemplate = $alertTemplate -replace "##SERVICE##", $serviceName + $alertTemplate = $alertTemplate -replace "##SEVERITY##", $alert.properties.severity + $alertTemplate = $alertTemplate -replace "##WINDOW_SIZE##", $alert.properties.windowSize + $alertTemplate = $alertTemplate -replace "##EVALUATION_FREQUENCY##", $alert.properties.evaluationFrequency + $alertTemplate = $alertTemplate -replace "##THRESHOLD##", $alert.properties.threshold + $alertTemplate = $alertTemplate -replace "##METRIC_NAMESPACE##", $alert.properties.metricNamespace + $alertTemplate = $alertTemplate -replace "##METRIC_NAME##", $alert.properties.metricName + $alertTemplate = $alertTemplate -replace "##TIME_AGGREGATION##", $alert.properties.timeAggregation + $alertTemplate = $alertTemplate -replace "##OPERATOR##", $alert.properties.operator + $alertTemplate = $alertTemplate -replace "##CRITERION_TYPE##", $alert.properties.criterionType + $alertTemplate = $alertTemplate -replace "##ALERT_SENSITIVITY##", $alert.properties.alertSensitivity + $alertTemplate = $alertTemplate -replace "##MIN_FAILING_PERIODS##", $alert.properties.failingPeriods.minFailingPeriodsToAlert + $alertTemplate = $alertTemplate -replace "##NUMBER_OF_EVALUATION_PERIODS##", $alert.properties.failingPeriods.numberOfEvaluationPeriods + $alertTemplate = $alertTemplate -replace "##RESOURCE_TYPE##" + $alertName = $alert.name -replace "[^a-zA-Z_]", "" + $alertTemplate = $alertTemplate -replace "##ALERT_NAME##", $alertName + $alertTemplate = $alertTemplate -replace "##ALERT_DESCRIPTION##", $alert.description + $alertTemplate = $alertTemplate -replace "##QUERY##", $alert.properties.query + $alertTemplate = $alertTemplate -replace "##DIMENSIONS##", $alert.properties.dimensions + $alertTemplate = $alertTemplate -replace "##OPERATION_NAME##", $alert.properties.operationName + if (-not (Test-Path -Path $policyDirectory)) { + New-Item -ItemType Directory -Path $policyDirectory -Force + } + if ($policyFileName -eq "") { + $policyFileName = $alert.name -replace "[^a-zA-Z_]", "" + } + # Write the policy template to a file + Out-File -FilePath "$($policyPathName)templates\policy\$($policyFileName)_$($alert.guid).json" -InputObject $alertTemplate + } + } + } -ThrottleLimit 10 +} +end { + Write-Output "Policy templates generated successfully." +} diff --git a/tooling/generate-templates/policy/activity-administrative.json b/tooling/generate-templates/policy/activity-administrative.json new file mode 100644 index 000000000..9eb7c057e --- /dev/null +++ b/tooling/generate-templates/policy/activity-administrative.json @@ -0,0 +1,285 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "Project": "amba-monitoring" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "ALZ Monitoring disabled tag name", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "ALZ Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##RESOURCE_TYPE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "##ALERT_NAME##", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "##OPERATION_NAME##" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2020-10-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "##ALERT_NAME##", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "##ALERT_NAME##", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "##ALERT_DESCRIPTION##", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "##OPERATION_NAME##" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/log.json b/tooling/generate-templates/policy/log.json new file mode 100644 index 000000000..dfad50051 --- /dev/null +++ b/tooling/generate-templates/policy/log.json @@ -0,0 +1,603 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "Project": "amba-monitoring" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "UAMIResourceId": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The resource Id of the user assigned managed identity.", + "displayName": "User Assigned managed Identity resource Id." + } + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "GreaterThan" + ], + "defaultValue": "##OPERATOR##" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Count" + ], + "defaultValue": "##TIME_AGGREGATION##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "##THRESHOLD##" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "##MIN_FAILING_PERIODS##" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "##NUMBER_OF_EVALUATION_PERIODS##" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##RESOURCE_TYPE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-##ALERT_NAME##')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "##QUERY##" + }, + { + "field": "identity.userAssignedIdentities", + "containsKey": "[[parameters('UAMIResourceId')]" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "UAMIResourceId": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "MonitorDisableTagName": { + "type": "String" + }, + "MonitorDisableTagValues": { + "type": "Array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "##ALERT_NAME##", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "UAMIResourceId": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-##ALERT_NAME##')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "[[parameters('UAMIResourceId')]": {} + } + }, + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-##ALERT_NAME##')]", + "description": "##ALERT_DESCRIPTION##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "##RESOURCE_TYPE##" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "##QUERY##", + "threshold": 0, + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + ##DIMENSIONS## + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "MonitorDisableTagName": { + "value": "[[parameters('MonitorDisableTagName')]" + }, + "MonitorDisableTagValues": { + "value": "[[parameters('MonitorDisableTagValues')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "MonitorDisableTagName": { + "value": "[[parameters('MonitorDisableTagName')]" + }, + "MonitorDisableTagValues": { + "value": "[[parameters('MonitorDisableTagValues')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/metric-dynamic.json b/tooling/generate-templates/policy/metric-dynamic.json new file mode 100644 index 000000000..8d2e16839 --- /dev/null +++ b/tooling/generate-templates/policy/metric-dynamic.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "##ALERT_SENSITIVITY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "##METRIC_NAME##" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/##METRIC_NAMESPACE##/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "##TIME_AGGREGATION##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "##OPERATOR##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": ##MIN_FAILING_PERIODS## + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": ##NUMBER_OF_EVALUATION_PERIODS## + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-##METRIC_NAME##')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ##SERVICE## ##METRIC_NAME##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "##METRIC_NAME##", + "metricNamespace": "##METRIC_NAMESPACE##", + "metricName": "##METRIC_NAME##", + "operator": "##OPERATOR##", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": ##MIN_FAILING_PERIODS##, + "numberOfEvaluationPeriods": ##NUMBER_OF_EVALUATION_PERIODS## + }, + "timeAggregation": "##TIME_AGGREGATION##", + "criterionType": "##CRITERION_TYPE##" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/metric-static.json b/tooling/generate-templates/policy/metric-static.json new file mode 100644 index 000000000..239357421 --- /dev/null +++ b/tooling/generate-templates/policy/metric-static.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "##THRESHOLD##" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "##METRIC_NAME##" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/##METRIC_NAMESPACE##/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "##TIME_AGGREGATION##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "##OPERATOR##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-##METRIC_NAME##-threshold-Override_'), field('tags._amba-##METRIC_NAME##-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-##METRIC_NAME##')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ##SERVICE## ##METRIC_NAME##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "##METRIC_NAME##", + "metricNamespace": "##METRIC_NAMESPACE##", + "metricName": "##METRIC_NAME##", + "operator": "##OPERATOR##", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "##TIME_AGGREGATION##", + "criterionType": "##CRITERION_TYPE##" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-##METRIC_NAME##-threshold-Override_'), field('tags._amba-##METRIC_NAME##-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +}